diff options
| author | Nick Mathewson <nickm@torproject.org> | 2023-10-13 18:00:42 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2023-10-13 18:00:42 -0400 |
| commit | f79272ef1f774b3788b74a3fe4fef75095dfae06 (patch) | |
| tree | 8f47bebaa06c444f632bf8c4afbd793c4972a27d /spec/tor-spec/connections.md | |
| parent | fa014ec90411fd754dd257d04afa1a953e15bf31 (diff) | |
| download | torspec-f79272ef1f774b3788b74a3fe4fef75095dfae06.tar.gz torspec-f79272ef1f774b3788b74a3fe4fef75095dfae06.zip | |
Run markdownlint --fix on spec.
Diffstat (limited to 'spec/tor-spec/connections.md')
| -rw-r--r-- | spec/tor-spec/connections.md | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/spec/tor-spec/connections.md b/spec/tor-spec/connections.md index d540489..a7ba661 100644 --- a/spec/tor-spec/connections.md +++ b/spec/tor-spec/connections.md @@ -1,4 +1,5 @@ <a id="tor-spec.txt-2"></a> + # Connections Connections between two Tor relays, or between a client and a relay, @@ -158,6 +159,7 @@ their IP address changes. Clients MAY send certificates using any of the above handshake variants. <a id="tor-spec.txt-2.1"></a> + ## Picking TLS ciphersuites Clients SHOULD send a ciphersuite list chosen to emulate some popular @@ -217,6 +219,7 @@ less than HASH_LEN bits. Responders SHOULD NOT select any SSLv3 ciphersuite other than the DHE+3DES suites listed above. <a id="tor-spec.txt-2.2"></a> + ## TLS security considerations Implementations MUST NOT allow TLS session resumption -- it can @@ -226,4 +229,3 @@ Feb 2013), and it plays havoc with forward secrecy guarantees. Implementations SHOULD NOT allow TLS compression -- although we don't know a way to apply a CRIME-style attack to current Tor directly, it's a waste of resources. - |