From 67a77f17caa215cd2b01b379f2173d082c6632e9 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Sat, 4 Feb 2006 20:07:45 +0000 Subject: i'm not sure what man-in-the-middle attacks we were worried about, but i agree that we don't need to worry about them for rendezvousing. what we really meant was collision attacks. i think? svn:r5909 --- doc/rend-spec.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'doc') diff --git a/doc/rend-spec.txt b/doc/rend-spec.txt index cc77516585..3825dd6d33 100644 --- a/doc/rend-spec.txt +++ b/doc/rend-spec.txt @@ -254,9 +254,9 @@ $Id$ 2. Generate a 16-character encoding of H', using base32 as defined in RFC 3548. - (We only use 80 bits instead of the 160 bits from SHA1 because we don't - need to worry about man-in-the-middle attacks, and because it will make - handling the url's more convenient.) + (We only use 80 bits instead of the 160 bits from SHA1 because we + don't need to worry about arbitrary collisions, and because it will + make handling the url's more convenient.) The string "x", if present, is the base-32 encoding of the authentication/authorization required by the introduction point. -- cgit v1.2.3-54-g00ecf