From de34dc59659adeb2422e1f6902a9fe7e2a5add21 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 18 Sep 2017 14:53:34 +0300 Subject: prop224: Specify that we have a replay cache for rendezvous cookies. See replay_cache_rend_cookie in the codebase. --- proposals/224-rend-spec-ng.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'proposals/224-rend-spec-ng.txt') diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt index 75fcc71..9aeeeb7 100644 --- a/proposals/224-rend-spec-ng.txt +++ b/proposals/224-rend-spec-ng.txt @@ -1636,11 +1636,11 @@ Table of contents: the AUTH_KEY or LEGACY_KEY_ID field matches the keys for this introduction circuit. - The service host then checks whether it has received a cell with - these contents before. If it has, it silently drops it as a - replay. (It must maintain a replay cache for as long as it accepts - cells with the same encryption key. Note that the encryption format below - should be non-malleable.) + The service host then checks whether it has received a cell with these + contents or rendezvous cookie before. If it has, it silently drops it as a + replay. (It must maintain a replay cache for as long as it accepts cells + with the same encryption key. Note that the encryption format below should + be non-malleable.) If the cell is not a replay, it decrypts the ENCRYPTED field, establishes a shared key with the client, and authenticates the whole -- cgit v1.2.3-54-g00ecf
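Review bot: In the rewritten paragraph, "these contents or rendezvous cookie before" adds a second replay check, but the parenthetical still ties cache lifetime only to "cells with the same encryption key", so the retention period and scope of the rendezvous-cookie cache are left unspecified. Suggest stating how long cookie entries are kept and whether that cache is per introduction circuit or per service. The unchanged context that follows begins "If the cell is not a replay, it decrypts the ENCRYPTED field"; if the rendezvous cookie is only readable after that decryption, the cookie check cannot run at the point this paragraph implies, so the ordering of the two checks should be spelled out. The phrase itself would also read more clearly as "a cell with these contents, or with the same rendezvous cookie, before".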