-rw-r--r-- doc/tor-spec.txt 17
1 files changed, 9 insertions, 8 deletions
diff --git a/doc/tor-spec.txt b/doc/tor-spec.txt
index e9e56b10d..e19e7d09d 100644
--- a/doc/tor-spec.txt
+++ b/doc/tor-spec.txt
@@ -44,10 +44,10 @@ which reveals the downstream node.
2. Connections
- There are two ways to connect to an OR. The first is as an onion
- proxy (OP), which allows the OP to authenticate the OR without
- authenticating itself. The second is as another OR, which allows
- mutual authentication.
+ There are two ways to connect to an onion router (OR). The first is
+ as an onion proxy (OP), which allows the OP to authenticate the OR
+ without authenticating itself. The second is as another OR, which
+ allows mutual authentication.
Tor uses TLS for link encryption, using the cipher suite
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA". An OR always sends a
@@ -56,7 +56,7 @@ which reveals the downstream node.
All parties receiving certificates must confirm that the public
key is as it appears in the server directory, and close the
- connection if it does not.
+ connection if it is not.
Once a TLS connection is established, the two sides send cells
(specified below) to one another. Cells are sent serially. All
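Review bot: In the changed line, "close the connection if it is not" leaves the reader to work out that "it" is the public key and that "is not" means "is not as it appears in the server directory". This sentence is the check that authenticates the peer, so it is worth spelling out, for example "and close the connection if the key does not match the directory entry". The text also does not say what a party does when the peer has no directory entry at all; if that case is meant to be covered by the same rule, say so here.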
@@ -65,9 +65,10 @@ which reveals the downstream node.
of TLS records should not leak information about the type or
contents of the cells.
- OR-to-OR connections are never deliberately closed. OP-to-OR
- connections are closed when the OP has no more circuits running
- over a connection, and an amount of time (????) has passed.
+ OR-to-OR connections are never deliberately closed. An OP should
+ close a connection to an OR if there are no circuits running over
+ the connection, and an amount of time (KeepalivePeriod, defaults to
+ 5 minutes) has passed.
3. Cell Packet format
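Review bot: The new idle-close sentence does not say what the KeepalivePeriod interval is measured from: the moment the last circuit on the connection went away, or the last traffic on the connection. Naming the starting point would keep implementations consistent. The wording also moves from "are closed" to "should close", so please confirm the weaker requirement is intended. Since the name KeepalivePeriod suggests the same setting also governs keepalives, a short pointer to where that option is defined would help the reader.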