Clarify current client behavior WRT TLS certificates. Add a TODO to make sure that this behavior is optional, and an entry in 098-todo.txt for investigating whether this behavior is smart.

svn:r17568
author: Nick Mathewson <nickm@torproject.org> 2008-12-10 22:28:00 +0000
committer: Nick Mathewson <nickm@torproject.org> 2008-12-10 22:28:00 +0000
commit: f75a725dfedd20b75d588d59077e0217159b9747 (patch)
tree: 5cd1a4741231539f2114b969c038194370515f53 /proposals/098-todo.txt
parent: 784ee9e24bad0ccaf089b67bdfc7da6816fc7750 (diff)
download: torspec-f75a725dfedd20b75d588d59077e0217159b9747.tar.gz
torspec-f75a725dfedd20b75d588d59077e0217159b9747.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/proposals/098-todo.txt b/proposals/098-todo.txt
index 2365a86..e891ea8 100644
--- a/proposals/098-todo.txt
+++ b/proposals/098-todo.txt
@@ -65,6 +65,12 @@ Any time:
     distribution. Need to think harder about allowing values less than 3,
     and there's a tradeoff between having a wide variance and performance.
 
+  - Clients currently use certs during TLS.  Is this wise?  It does make it
+    easier for servers to tell which NATted client is which. We could use a
+    seprate set of certs for each guard, I suppose, but generating so many
+    certs could get expensive.  Omitting them entirely would make OP->OR
+    easier to tell from OR->OR.
+
 Things that should change...
 
 B.1. ... but which will require backward-incompatible change
author	Nick Mathewson <nickm@torproject.org>	2008-12-10 22:28:00 +0000
committer	Nick Mathewson <nickm@torproject.org>	2008-12-10 22:28:00 +0000
commit	f75a725dfedd20b75d588d59077e0217159b9747 (patch)
tree	5cd1a4741231539f2114b969c038194370515f53 /proposals/098-todo.txt
parent	784ee9e24bad0ccaf089b67bdfc7da6816fc7750 (diff)
download	torspec-f75a725dfedd20b75d588d59077e0217159b9747.tar.gz torspec-f75a725dfedd20b75d588d59077e0217159b9747.zip