Mark the dir-key-crosscert element as required.

This closes proposal 157.

2 files changed, 3 insertions, 8 deletions

diff --git a/dir-spec.txt b/dir-spec.txt
index d1d1994..39d880e 100644
--- a/dir-spec.txt
+++ b/dir-spec.txt
@@ -1076,11 +1076,7 @@
 
     "dir-key-crosscert" NL CrossSignature NL
 
-        [At most once.]
-
-        NOTE: Authorities MUST include this field in all newly generated
-        certificates.  A future version of this specification will make
-        the field required.
+        [Exactly once.]
 
         CrossSignature is a signature, made using the certificate's signing
         key, of the digest of the PKCS1-padded hash of the certificate's
@@ -1089,8 +1085,7 @@
         SIGNATURE---- and -----END ID SIGNATURE----- tags.  Implementations
         MUST allow the "ID " portion to be omitted, however.
 
-        When encountering a certificate with a dir-key-crosscert entry,
-        implementations MUST verify that the signature is a correct signature
+        Implementations MUST verify that the signature is a correct signature
         of the hash of the identity key using the signing key.
 
     "dir-key-certification" NL Signature NL
diff --git a/proposals/157-specific-cert-download.txt b/proposals/157-specific-cert-download.txt
index cf29dd9..e0ef0e8 100644
--- a/proposals/157-specific-cert-download.txt
+++ b/proposals/157-specific-cert-download.txt
@@ -2,7 +2,7 @@ Filename: 157-specific-cert-download.txt
 Title: Make certificate downloads specific
 Author: Nick Mathewson
 Created: 2-Dec-2008
-Status: Accepted
+Status: Closed
 Target: 0.2.4.x
 
 History: