diff options
Diffstat (limited to 'changes/reject-tap')
-rw-r--r-- | changes/reject-tap | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/changes/reject-tap b/changes/reject-tap index 75800184fd..8e616de301 100644 --- a/changes/reject-tap +++ b/changes/reject-tap @@ -1,13 +1,15 @@ o Major bug fixes (circuit building): - - Tor authorities, relays, and clients no longer support - circuit-building using TAP. (The hidden service protocol - still uses TAP.) - - Relays make sure their own descriptor has an ntor key. - - Authorites no longer trust the version a relay claims (if any), - instead, they check specifically for an ntor key. + - Tor authorities, relays, and clients only use ntor, except for + rare cases in the hidden service protocol. + - Authorities, relays and clients specifically check that each + descriptor has an ntor key. - Clients avoid downloading a descriptor if the relay version is too old to support ntor. - - Client code ignores nodes without ntor keys: they will not be - selected during circuit-building, or as guards, or as directory + - Client code never chooses nodes without ntor keys: they will not + be selected during circuit-building, or as guards, or as directory mirrors, or as introduction or rendezvous points. + - Circuit-building code assumes that all hops can use ntor, + except for rare hidden service protocol cases. + - Hidden service client to intro point and service to rendezvous point + connections use the TAP key supplied by the protocol. Fixes bug 19163; bugfix on 0.2.4.18-rc. |