diff options
author | George Kadianakis <desnacked@riseup.net> | 2017-09-18 14:53:34 +0300 |
---|---|---|
committer | George Kadianakis <desnacked@riseup.net> | 2017-09-18 14:53:34 +0300 |
commit | de34dc59659adeb2422e1f6902a9fe7e2a5add21 (patch) | |
tree | 00543fff13104892a445a073b84d83e3c4f342d6 /proposals/224-rend-spec-ng.txt | |
parent | 26c35f957f812b1b77923ad5643b3b9eef8157d0 (diff) | |
download | torspec-de34dc59659adeb2422e1f6902a9fe7e2a5add21.tar.gz torspec-de34dc59659adeb2422e1f6902a9fe7e2a5add21.zip |
prop224: Specify that we have a replay cache for rendezvous cookies.
See replay_cache_rend_cookie in the codebase.
Diffstat (limited to 'proposals/224-rend-spec-ng.txt')
-rw-r--r-- | proposals/224-rend-spec-ng.txt | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt index 75fcc71..9aeeeb7 100644 --- a/proposals/224-rend-spec-ng.txt +++ b/proposals/224-rend-spec-ng.txt @@ -1636,11 +1636,11 @@ Table of contents: the AUTH_KEY or LEGACY_KEY_ID field matches the keys for this introduction circuit. - The service host then checks whether it has received a cell with - these contents before. If it has, it silently drops it as a - replay. (It must maintain a replay cache for as long as it accepts - cells with the same encryption key. Note that the encryption format below - should be non-malleable.) + The service host then checks whether it has received a cell with these + contents or rendezvous cookie before. If it has, it silently drops it as a + replay. (It must maintain a replay cache for as long as it accepts cells + with the same encryption key. Note that the encryption format below should + be non-malleable.) If the cell is not a replay, it decrypts the ENCRYPTED field, establishes a shared key with the client, and authenticates the whole |