diff options
author | Nick Mathewson <nickm@torproject.org> | 2007-11-02 03:21:54 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2007-11-02 03:21:54 +0000 |
commit | cecb5e034dc3380257e1d3a7fad67d81cc660221 (patch) | |
tree | a4f9fe077d8a5f9d0fe24bad81d1b9cf51c057f8 /proposals/105-handshake-revision.txt | |
parent | 3bc6de3c4c589396ff92133b64e964bc8de0ed3a (diff) | |
download | torspec-cecb5e034dc3380257e1d3a7fad67d81cc660221.tar.gz torspec-cecb5e034dc3380257e1d3a7fad67d81cc660221.zip |
r14625@tombo: nickm | 2007-11-01 23:21:25 -0400
Merge revised behavior on proposal 105
svn:r12323
Diffstat (limited to 'proposals/105-handshake-revision.txt')
-rw-r--r-- | proposals/105-handshake-revision.txt | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/proposals/105-handshake-revision.txt b/proposals/105-handshake-revision.txt index 634c1c5..bd46dbd 100644 --- a/proposals/105-handshake-revision.txt +++ b/proposals/105-handshake-revision.txt @@ -193,9 +193,17 @@ Proposal: traffic through his own computers to enable timing and packet-counting attacks. - If a party connects to an OR based on an EXTEND cell, and the address - given in the EXTEND cell is not listed in the NETINFO cell, the first - party SHOULD close the connection as a likely MITM attack. + A Tor instance should use the other Tor's reported address + information as part of logic to decide whether to treat a given + connection as suitable for extending circuits to a given address/ID + combination. When we get an extend request, we use an use an + existing OR connection if the ID matches, and ANY of the following + conditions hold: + - The IP matches the requested IP. + - We know that the IP we're using is canonical because it was + listed in the NETINFO cell. + - We know that the IP we're using is canonical because it was + listed in the server descriptor. [NOTE: The NETINFO cell is assigned the command number 8.] |