3 files changed, 4 insertions, 5 deletions

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index a724006b28..f903bbf095 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1434,10 +1434,6 @@ pathbias_check_close(origin_circuit_t *ocirc, int reason)
     if (circ->timestamp_dirty) {
       /* Any circuit where there were attempted streams but no successful
        * streams could be bias */
-      // XXX: May open up attacks if the adversary can force connections
-      // on unresponsive hosts to use new circs. Vidalia displayes a "Retrying"
-      // state.. Can we use that? Does optimistic data change this?
-
       log_info(LD_CIRC,
             "Circuit %d closed without successful use for reason %d. "
             "Circuit purpose %d currently %s.",
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index d3b480139e..cb44bba328 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1166,6 +1166,7 @@ circuit_has_opened(origin_circuit_t *circ)
    * building). */
   // XXX: Cannibalized now use RELAY_EARLY, which is visible
   // to taggers end-to-end! We really need to probe these instead.
+  // Don't forget to remove this check once that's done!
   if (circ->has_opened &&
       circ->build_state->desired_path_len > DEFAULT_ROUTE_LEN) {
     circ->path_state = PATH_STATE_USE_SUCCEEDED;
diff --git a/src/or/relay.c b/src/or/relay.c
index 3ee0c835b2..6ed4b930ae 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -697,7 +697,9 @@ connection_ap_process_end_not_open(
     /* Path bias: If we get a valid reason code from the exit,
      * it wasn't due to tagging */
     // XXX: This relies on recognized+digest being strong enough not
-    // to be spoofable.. Is that a valid assumption?
+    // to be spoofable.. Is that a valid assumption? 
+    // Or more accurately: is it better than nothing? Can the attack
+    // be done offline?
     circ->path_state = PATH_STATE_USE_SUCCEEDED;
   }