aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--param-spec.txt12
-rw-r--r--rend-spec-v3.txt22
2 files changed, 31 insertions, 3 deletions
diff --git a/param-spec.txt b/param-spec.txt
index a63ad3b..123cedc 100644
--- a/param-spec.txt
+++ b/param-spec.txt
@@ -105,11 +105,17 @@ Table of Contents
"KISTSchedRunInterval" -- How frequently should the "KIST" scheduler
run in order to decide which data to write to the network? Value in
- units of milliseconds. If 0, then the KIST scheduler should be
- disabled.
- Min: 0. Max: 100. Default: 10.
+ units of milliseconds.
+ Min: 2. Max: 100. Default: 2
First appeared: 0.3.2
+ "KISTSchedRunIntervalClient" -- How frequently should the "KIST" scheduler
+ run in order to decide which data to write to the network, on clients? Value
+ in units of milliseconds. The client value needs to be much lower than
+ the relay value.
+ Min: 2. Max: 100. Default: 2.
+ First appeared: 0.4.8.2
+
3. Voting-related parameters
"bwweightscale" -- Value that bandwidth-weights are divided by. If not
diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt
index e1d6174..383b73a 100644
--- a/rend-spec-v3.txt
+++ b/rend-spec-v3.txt
@@ -998,6 +998,28 @@ Table of contents:
Consider that the service is at 01:00 right after SRV#2: it will upload its
second descriptor using TP#2 and SRV#2.
+2.2.4.3. Directory behavior for handling descriptor uploads [DIRUPLOAD]
+
+ Upon receiving a hidden service descriptor publish request, directories MUST
+ check the following:
+
+ * The outer wrapper of the descriptor can be parsed according to
+ [DESC-OUTER]
+ * The version-number of the descriptor is "3"
+ * If the directory has already cached a descriptor for this hidden service,
+ the revision-counter of the uploaded descriptor must be greater than the
+ revision-counter of the cached one
+ * The descriptor signature is valid
+
+ If any of these basic validity checks fails, the directory MUST reject the
+ descriptor upload.
+
+ NOTE: Even if the descriptor passes the checks above, its first and second
+ layers could still be invalid: directories cannot validate the encrypted
+ layers of the descriptor, as they do not have access to the public key of the
+ service (required for decrypting the first layer of encryption), or the
+ necessary client credentials (for decrypting the second layer).
+
2.2.5. Expiring hidden service descriptors [EXPIRE-DESC]
Hidden services set their descriptor's "descriptor-lifetime" field to 180
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion