diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-09-07 10:09:11 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-09-07 10:09:11 -0400 |
| commit | d2bdea61f788beb6c31d33e7a4dad8c98c075918 (patch) | |
| tree | 0aa8fe076ceb5da1281dfc9107048404a567ee18 /tor-spec.txt | |
| parent | 0951a931f66b5389027e900aaa1af01e81db634f (diff) | |
| download | torspec-d2bdea61f788beb6c31d33e7a4dad8c98c075918.tar.gz torspec-d2bdea61f788beb6c31d33e7a4dad8c98c075918.zip | |
Describe actual use of NETINFO fields
Instead of saying the clock skew and "your address" fields are
unused, describe the dangers of using them as unconditionally
trusted.
Diffstat (limited to 'tor-spec.txt')
| -rw-r--r-- | tor-spec.txt | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/tor-spec.txt b/tor-spec.txt index 3431ca5..f7bd546 100644 --- a/tor-spec.txt +++ b/tor-spec.txt @@ -712,8 +712,11 @@ see tor-design.pdf. Implementations MAY use the timestamp value to help decide if their clocks are skewed. Initiators MAY use "other OR's address" to help - learn which address their connections are originating from, if they do - not know it. [As of 0.2.3.1-alpha, nodes use neither of these values.] + learn which address their connections may be originating from, if they do + not know it; and to learn whether the peer will treat the current + connection as canonical. Implementations SHOULD NOT trust these + values unconditionally, especially when they come from non-authorities, + since the other party can lie about the time or IP addresses it sees. Initiators SHOULD use "this OR's address" to make sure that they have connected to another OR at its canonical address. |