4 files changed, 40 insertions, 7 deletions

diff --git a/dir-spec.txt b/dir-spec.txt
index c5ca5c1..dd4a9c9 100644
--- a/dir-spec.txt
+++ b/dir-spec.txt
@@ -476,6 +476,14 @@
        the address will be accepted.  For clarity, the last such entry SHOULD
        be accept *:* or reject *:*.
 
+    "ipv6-policy" SP ("accept" / "reject") SP PortList NL
+
+       [At most once.]
+
+       An exit-policy summary as specified in 3.3 and 3.5.2, summarizing
+       the router's rules for connecting to IPv6 addresses. A missing
+       "ipv6-policy" line is equivalent to "ipv6-policy reject 1-65535".
+
     "router-signature" NL Signature NL
 
        [At end, exactly once]
@@ -1114,7 +1122,7 @@
 
         The "ntor-onion-key" element as specified in 2.1.
 
-        (Only included when the vote or consensus is generated with
+        (Only included when generating microdescriptors for
         consensus-method 16 or later.)
 
      "a" SP address ":" portlist NL
@@ -1141,6 +1149,17 @@
         BEGIN request, and might get end-reason-exit-policy if they guessed
         wrong, in which case they'll have to try elsewhere.]
 
+     "p6" SP ("accept" / "reject") SP PortList NL
+
+        [At most once]
+
+        The IPv6 exit policy summary as specified in 3.3 and 3.5.2. A
+        missing "p6" line is equivalent to "p6 reject 1-65535".
+
+        (Only included when generating microdescriptors for
+        consensus-method 15 or later.)
+
+
    (Note that with microdescriptors, clients do not learn the identity of
    their routers: they only learn a hash of the identity key.  This is all
    they need to confirm the actual identity key when doing a TLS handshake,
@@ -1855,7 +1874,8 @@
           consensuses may include "a" lines listing additional OR
           ports.
 
-        * XXXXX 15
+        * If consensus method 15 or later is used, microdescriptors
+          include "p6" lines including IPv6 exit policies.
 
         * If consensus method 16 or later is used, ntor-onion-key
           are included in microdescriptors
diff --git a/proposals/117-ipv6-exits.txt b/proposals/117-ipv6-exits.txt
index 9c51cf2..f343ff7 100644
--- a/proposals/117-ipv6-exits.txt
+++ b/proposals/117-ipv6-exits.txt
@@ -2,7 +2,7 @@ Filename: 117-ipv6-exits.txt
 Title: IPv6 exits
 Author: coderman
 Created: 10-Jul-2007
-Status: Finished
+Status: Closed
 Target: 0.2.4.x
 Implemented-In: 0.2.4.7-alpha
 
diff --git a/proposals/208-ipv6-exits-redux.txt b/proposals/208-ipv6-exits-redux.txt
index e25a901..32fb09c 100644
--- a/proposals/208-ipv6-exits-redux.txt
+++ b/proposals/208-ipv6-exits-redux.txt
@@ -2,7 +2,7 @@ Filename: 208-ipv6-exits-redux.txt
 Title: IPv6 Exits Redux
 Author: Nick Mathewson
 Created: 10-Oct-2012
-Status: Finished
+Status: Closed
 Target: 0.2.4.x
 Implemented-In: 0.2.4.7-alpha
 
diff --git a/tor-spec.txt b/tor-spec.txt
index 0c333e7..6831744 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -1252,14 +1252,27 @@ see tor-design.pdf.
    and constructs a RELAY_BEGIN cell with a payload encoding the address
    and port of the destination host.  The payload format is:
 
-         ADDRESS | ':' | PORT | [00]
+         ADDRPORT [nul-terminated string]
+         FLAGS    [4 bytes]
+
+   ADDRPORT is made of ADDRESS | ':' | PORT | [00]
 
    where  ADDRESS can be a DNS hostname, or an IPv4 address in
    dotted-quad format, or an IPv6 address surrounded by square brackets;
    and where PORT is a decimal integer between 1 and 65535, inclusive.
 
-   [What is the [00] for? -NM]
-   [It's so the payload is easy to parse out with string funcs -RD]
+   The FLAGS value has one or more of the following bits set, where
+   "bit 1" is the LSB of the 32-bit value, and "bit 32" is the MSB.
+     bit   meaning
+      1 -- IPv6 okay.  We support learning about IPv6 addresses and
+           connecting to IPv6 addresses.
+      2 -- IPv4 not okay.  We don't want to learn about IPv4 addresses
+           or connect to them.
+      3 -- IPv6 preferred.  If there are both IPv4 and IPv6 addresses,
+           we want to connect to the IPv6 one.  (By default, we connect
+           to the IPv4 address.)
+      4..32 -- Reserved. Current clients MUST NOT set these. Servers
+           MUST ignore them.
 
    Upon receiving this cell, the exit node resolves the address as
    necessary, and opens a new TCP connection to the target port.  If the