Clarify current client behavior WRT TLS certificates. Add a TODO to make sure that this behavior is optional, and an entry in 098-todo.txt for investigating whether this behavior is smart.

svn:r17568
author: Nick Mathewson <nickm@torproject.org> 2008-12-10 22:28:00 +0000
committer: Nick Mathewson <nickm@torproject.org> 2008-12-10 22:28:00 +0000
commit: 9854ebadde4c5f231efbfc12751b0bf529fe1ce2 (patch)
tree: 6cbc37a930feda51d54e0348a85fd8fa8f3560f7 /doc/spec/tor-spec.txt
parent: 53d3f812bd2f97f4eb2acce73919e217baaf2772 (diff)
download: tor-9854ebadde4c5f231efbfc12751b0bf529fe1ce2.tar.gz
tor-9854ebadde4c5f231efbfc12751b0bf529fe1ce2.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/spec/tor-spec.txt b/doc/spec/tor-spec.txt
index 8c6508f6ee..8ab50242d9 100644
--- a/doc/spec/tor-spec.txt
+++ b/doc/spec/tor-spec.txt
@@ -251,6 +251,11 @@ see tor-design.pdf.
    (As an exception, directory servers may try to stay connected to all of
    the ORs -- though this will be phased out for the Tor 0.1.2.x release.)
 
+   To avoid being trivially distinguished from servers, client-only Tor
+   instances are encouraged but not required to use a two-certificate chain
+   as well.  Clients SHOULD NOT use keep using the same certificates when
+   their IP changes.  Clients MAY send no certificates at all.
+
 3. Cell Packet format
 
    The basic unit of communication for onion routers and onion
author	Nick Mathewson <nickm@torproject.org>	2008-12-10 22:28:00 +0000
committer	Nick Mathewson <nickm@torproject.org>	2008-12-10 22:28:00 +0000
commit	9854ebadde4c5f231efbfc12751b0bf529fe1ce2 (patch)
tree	6cbc37a930feda51d54e0348a85fd8fa8f3560f7 /doc/spec/tor-spec.txt
parent	53d3f812bd2f97f4eb2acce73919e217baaf2772 (diff)
download	tor-9854ebadde4c5f231efbfc12751b0bf529fe1ce2.tar.gz tor-9854ebadde4c5f231efbfc12751b0bf529fe1ce2.zip