From 410335394dd7f1682fe25ff8a3343653fcd0bb98 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 19 Sep 2017 10:32:58 -0400
Subject: make validation MUST; clarify behavior on failure.

---
 proposals/224-rend-spec-ng.txt | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'proposals/224-rend-spec-ng.txt')

diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt
index 9c8b77e..73f8936 100644
--- a/proposals/224-rend-spec-ng.txt
+++ b/proposals/224-rend-spec-ng.txt
@@ -974,9 +974,10 @@ Table of contents:
 
 2.2.7. Client-side validation of onion addresses
 
-   When a Tor client receives a prop224 onion address from the user, it should
-   validate the onion address before attempting to connect or fetch its
-   descriptor.
+   When a Tor client receives a prop224 onion address from the user, it
+   MUST first validate the onion address before attempting to connect or
+   fetch its descriptor. If the validation fails, the client MUST
+   refuse to connect.
 
    As part of the address validation, Tor clients should check that the
    underlying ed25519 key does not have a torsion component. If Tor accepted
-- 
cgit v1.2.3-54-g00ecf