From cecb5e034dc3380257e1d3a7fad67d81cc660221 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Fri, 2 Nov 2007 03:21:54 +0000
Subject:  r14625@tombo:  nickm | 2007-11-01 23:21:25 -0400  Merge revised
 behavior on proposal 105

svn:r12323
---
 proposals/105-handshake-revision.txt | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'proposals/105-handshake-revision.txt')

diff --git a/proposals/105-handshake-revision.txt b/proposals/105-handshake-revision.txt
index 634c1c5..bd46dbd 100644
--- a/proposals/105-handshake-revision.txt
+++ b/proposals/105-handshake-revision.txt
@@ -193,9 +193,17 @@ Proposal:
    traffic through his own computers to enable timing and packet-counting
    attacks.
 
-   If a party connects to an OR based on an EXTEND cell, and the address
-   given in the EXTEND cell is not listed in the NETINFO cell, the first
-   party SHOULD close the connection as a likely MITM attack.
+   A Tor instance should use the other Tor's reported address
+   information as part of logic to decide whether to treat a given
+   connection as suitable for extending circuits to a given address/ID
+   combination.  When we get an extend request, we use an use an
+   existing OR connection if the ID matches, and ANY of the following
+   conditions hold:
+       - The IP matches the requested IP.
+       - We know that the IP we're using is canonical because it was
+         listed in the NETINFO cell.
+       - We know that the IP we're using is canonical because it was
+         listed in the server descriptor.
 
    [NOTE: The NETINFO cell is assigned the command number 8.]
 
-- 
cgit v1.2.3-54-g00ecf