diff options
| -rw-r--r-- | doc/spec/tor-spec.txt | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/doc/spec/tor-spec.txt b/doc/spec/tor-spec.txt index c3aba0fd8..672ecce41 100644 --- a/doc/spec/tor-spec.txt +++ b/doc/spec/tor-spec.txt @@ -174,13 +174,12 @@ see tor-design.pdf. EXTEND cell, the expected identity key is the one given in the cell.) If the key is not as expected, the party must close the connection. - All parties SHOULD reject connections to or from ORs that have malformed - or missing certificates. - [XXX How can we recognize that it's an OR if it's an incoming connection - with malformed/missing certs? Should we change the above to just "to - ORs"? -RD] - ORs SHOULD NOT reject incoming connections from OPs with malformed - or missing certificates. + When connecting to an OR, all parties SHOULD reject the connection if that + OR has a malformed or missing certificate. When accepting an incoming + connection, an OR SHOULD NOT reject incoming connections from parties with + malformed or missing certificates. (However, an OR should not believe + that an incoming connection is from another OR unless the certificates + are present and well-formed.) [Before version 0.1.2.8-rc, ORs rejected incoming connections from ORs and OPs alike if their certificates were missing or malformed.] |