aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/spec/proposals/121-hidden-service-authentication.txt13
1 files changed, 9 insertions, 4 deletions
diff --git a/doc/spec/proposals/121-hidden-service-authentication.txt b/doc/spec/proposals/121-hidden-service-authentication.txt
index 971572dd12..149ba7affb 100644
--- a/doc/spec/proposals/121-hidden-service-authentication.txt
+++ b/doc/spec/proposals/121-hidden-service-authentication.txt
@@ -28,6 +28,8 @@ Change history:
with Nick
31-Jul-2008 Limit maximum descriptor size to 20 kilobytes to prevent
abuse.
+ 01-Aug-2008 Use first part of Diffie-Hellman handshake for replay
+ protection instead of rendezvous cookie.
Overview:
@@ -385,10 +387,13 @@ Details:
When receiving a v3 INTRODUCE2 cell, Bob checks whether a client has
provided valid authorization data to him. He also requires that the
timestamp is no more than 30 minutes in the past or future and that the
- rendezvous cookie has not been used in the past 60 minutes to prevent
- replay attacks by rogue introduction points. If all checks pass, Bob
- builds a circuit to the provided rendezvous point and otherwise drops the
- cell.
+ first part of the Diffie-Hellman handshake has not been used in the past
+ 60 minutes to prevent replay attacks by rogue introduction points. (The
+ reason for not using the rendezvous cookie to detect replays---even
+ though it is only sent once in the current design---is that it might be
+ desirable to re-use rendezvous cookies for multiple introduction requests
+ in the future.) If all checks pass, Bob builds a circuit to the provided
+ rendezvous point and otherwise drops the cell.
1.4. Summary of authorization data fields