Clarify current client behavior WRT TLS certificates. Add a TODO to make sure that this behavior is optional, and an entry in 098-todo.txt for investigating whether this behavior is smart.

svn:r17568
author: Nick Mathewson <nickm@torproject.org> 2008-12-10 22:28:00 +0000
committer: Nick Mathewson <nickm@torproject.org> 2008-12-10 22:28:00 +0000
commit: 9854ebadde4c5f231efbfc12751b0bf529fe1ce2 (patch)
tree: 6cbc37a930feda51d54e0348a85fd8fa8f3560f7 /doc/spec/proposals
parent: 53d3f812bd2f97f4eb2acce73919e217baaf2772 (diff)
download: tor-9854ebadde4c5f231efbfc12751b0bf529fe1ce2.tar.gz
tor-9854ebadde4c5f231efbfc12751b0bf529fe1ce2.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/spec/proposals/098-todo.txt b/doc/spec/proposals/098-todo.txt
index 2365a861fe..e891ea890c 100644
--- a/doc/spec/proposals/098-todo.txt
+++ b/doc/spec/proposals/098-todo.txt
@@ -65,6 +65,12 @@ Any time:
     distribution. Need to think harder about allowing values less than 3,
     and there's a tradeoff between having a wide variance and performance.
 
+  - Clients currently use certs during TLS.  Is this wise?  It does make it
+    easier for servers to tell which NATted client is which. We could use a
+    seprate set of certs for each guard, I suppose, but generating so many
+    certs could get expensive.  Omitting them entirely would make OP->OR
+    easier to tell from OR->OR.
+
 Things that should change...
 
 B.1. ... but which will require backward-incompatible change
author	Nick Mathewson <nickm@torproject.org>	2008-12-10 22:28:00 +0000
committer	Nick Mathewson <nickm@torproject.org>	2008-12-10 22:28:00 +0000
commit	9854ebadde4c5f231efbfc12751b0bf529fe1ce2 (patch)
tree	6cbc37a930feda51d54e0348a85fd8fa8f3560f7 /doc/spec/proposals
parent	53d3f812bd2f97f4eb2acce73919e217baaf2772 (diff)
download	tor-9854ebadde4c5f231efbfc12751b0bf529fe1ce2.tar.gz tor-9854ebadde4c5f231efbfc12751b0bf529fe1ce2.zip