1 files changed, 10 insertions, 8 deletions

diff --git a/changes/reject-tap b/changes/reject-tap
index 75800184fd..8e616de301 100644
--- a/changes/reject-tap
+++ b/changes/reject-tap
@@ -1,13 +1,15 @@
   o Major bug fixes (circuit building):
-    - Tor authorities, relays, and clients no longer support
-      circuit-building using TAP. (The hidden service protocol
-      still uses TAP.)
-    - Relays make sure their own descriptor has an ntor key.
-    - Authorites no longer trust the version a relay claims (if any),
-      instead, they check specifically for an ntor key.
+    - Tor authorities, relays, and clients only use ntor, except for
+      rare cases in the hidden service protocol.
+    - Authorities, relays and clients specifically check that each
+      descriptor has an ntor key.
     - Clients avoid downloading a descriptor if the relay version is
       too old to support ntor.
-    - Client code ignores nodes without ntor keys: they will not be
-      selected during circuit-building, or as guards, or as directory
+    - Client code never chooses nodes without ntor keys: they will not
+      be selected during circuit-building, or as guards, or as directory
       mirrors, or as introduction or rendezvous points.
+    - Circuit-building code assumes that all hops can use ntor,
+      except for rare hidden service protocol cases.
+    - Hidden service client to intro point and service to rendezvous point
+      connections use the TAP key supplied by the protocol.
       Fixes bug 19163; bugfix on 0.2.4.18-rc.