[or-cvs] r9635: Clarify rules about certificates on incoming connections. Do (in tor/trunk: . doc/spec)
- To: or-cvs@xxxxxxxxxxxxx
- From: nickm@xxxxxxxx
- Date: Sat, 24 Feb 2007 02:54:49 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Sat, 24 Feb 2007 02:55:03 -0500
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-cvs@xxxxxxxxxxxxx
Author: nickm
Date: 2007-02-24 02:54:47 -0500 (Sat, 24 Feb 2007)
New Revision: 9635
Modified:
tor/trunk/
tor/trunk/doc/spec/tor-spec.txt
Log:
r11911@catbus: nickm | 2007-02-24 02:51:37 -0500
Clarify rules about certificates on incoming connections. Does it make more sense now?
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r11911] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/trunk/doc/spec/tor-spec.txt
===================================================================
--- tor/trunk/doc/spec/tor-spec.txt 2007-02-24 07:50:38 UTC (rev 9634)
+++ tor/trunk/doc/spec/tor-spec.txt 2007-02-24 07:54:47 UTC (rev 9635)
@@ -174,13 +174,12 @@
EXTEND cell, the expected identity key is the one given in the cell.) If
the key is not as expected, the party must close the connection.
- All parties SHOULD reject connections to or from ORs that have malformed
- or missing certificates.
- [XXX How can we recognize that it's an OR if it's an incoming connection
- with malformed/missing certs? Should we change the above to just "to
- ORs"? -RD]
- ORs SHOULD NOT reject incoming connections from OPs with malformed
- or missing certificates.
+ When connecting to an OR, all parties SHOULD reject the connection if that
+ OR has a malformed or missing certificate. When accepting an incoming
+ connection, an OR SHOULD NOT reject incoming connections from parties with
+ malformed or missing certificates. (However, an OR should not believe
+ that an incoming connection is from another OR unless the certificates
+ are present and well-formed.)
[Before version 0.1.2.8-rc, ORs rejected incoming connections from ORs and
OPs alike if their certificates were missing or malformed.]
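Review bot: The added parenthetical ("However, an OR should not believe that an incoming connection is from another OR unless the certificates are present and well-formed.") carries the only authentication requirement in this paragraph, yet it uses a lowercase "should not" and sits in parentheses next to the uppercase SHOULD and SHOULD NOT of the two sentences before it. Suggest making it a normative sentence of its own in the same keyword style, and saying what the OR treats such a peer as instead: the removed lines named OPs, while the new text says only "parties". "Malformed" and "well-formed" are not defined in the visible lines, so a reference to whatever checks decide that would make the rule testable. Minor wording point: "When accepting an incoming connection, an OR SHOULD NOT reject incoming connections" repeats itself and could end at "SHOULD NOT reject it because the party's certificate is malformed or missing".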