Merge branch 'when_fast' into 'main'

Clarify when we use CREATE_FAST

See merge request tpo/core/torspec!245

1 files changed, 6 insertions, 10 deletions

diff --git a/spec/tor-spec/create-created-cells.md b/spec/tor-spec/create-created-cells.md
index 95727d0..a9b7a12 100644
--- a/spec/tor-spec/create-created-cells.md
+++ b/spec/tor-spec/create-created-cells.md
@@ -530,12 +530,12 @@ their circuit keys.
 
 ## CREATE_FAST/CREATED_FAST cells {#create_fast}
 
-When initializing the first hop of a circuit, the OP has already
+When creating a one-hop circuit, the OP has already
 established the OR's identity and negotiated a secret key using TLS.
-Because of this, it is not always necessary for the OP to perform the
-public key operations to create a circuit.  In this case, the
-OP MAY send a CREATE_FAST cell instead of a CREATE cell for the first
-hop only.  The OR responds with a CREATED_FAST cell, and the circuit is
+Because of this, it is not necessary for the OP to perform the
+public key operations to create a circuit.
+In this case, the OP MAY send a CREATE_FAST cell instead of a CREATE cell.
+The OR responds with a CREATED_FAST cell, and the circuit is
 created.
 
 A CREATE_FAST cell contains:
@@ -556,11 +556,7 @@ The values of `X` and `Y` must be generated randomly.
 Once both parties have `X` and `Y`, they derive their shared circuit keys
 and 'derivative key data' value via the [KDF-TOR function](./setting-circuit-keys.md#kdf-tor).
 
-The CREATE_FAST handshake is currently deprecated whenever it is not
-necessary; the migration is controlled by the "usecreatefast"
-networkstatus parameter as described in dir-spec.txt.
-
-\[Tor 0.3.1.1-alpha and later disable CREATE_FAST by default.\]
+Parties SHOULD NOT use CREATE_FAST except for creating one-hop circuits.
 
 <a id="tor-spec.txt-5.1.6"></a>