diff options
| -rw-r--r-- | proposals/098-todo.txt | 6 | ||||
| -rw-r--r-- | tor-spec.txt | 5 |
2 files changed, 11 insertions, 0 deletions
diff --git a/proposals/098-todo.txt b/proposals/098-todo.txt index 2365a86..e891ea8 100644 --- a/proposals/098-todo.txt +++ b/proposals/098-todo.txt @@ -65,6 +65,12 @@ Any time: distribution. Need to think harder about allowing values less than 3, and there's a tradeoff between having a wide variance and performance. + - Clients currently use certs during TLS. Is this wise? It does make it + easier for servers to tell which NATted client is which. We could use a + seprate set of certs for each guard, I suppose, but generating so many + certs could get expensive. Omitting them entirely would make OP->OR + easier to tell from OR->OR. + Things that should change... B.1. ... but which will require backward-incompatible change diff --git a/tor-spec.txt b/tor-spec.txt index 8c6508f..8ab5024 100644 --- a/tor-spec.txt +++ b/tor-spec.txt @@ -251,6 +251,11 @@ see tor-design.pdf. (As an exception, directory servers may try to stay connected to all of the ORs -- though this will be phased out for the Tor 0.1.2.x release.) + To avoid being trivially distinguished from servers, client-only Tor + instances are encouraged but not required to use a two-certificate chain + as well. Clients SHOULD NOT use keep using the same certificates when + their IP changes. Clients MAY send no certificates at all. + 3. Cell Packet format The basic unit of communication for onion routers and onion |