|
@@ -174,13 +174,12 @@ see tor-design.pdf.
|
|
|
EXTEND cell, the expected identity key is the one given in the cell.) If
|
|
EXTEND cell, the expected identity key is the one given in the cell.) If
|
|
|
the key is not as expected, the party must close the connection.
|
|
the key is not as expected, the party must close the connection.
|
|
|
|
|
|
|
|
- All parties SHOULD reject connections to or from ORs that have malformed
|
|
|
|
|
- or missing certificates.
|
|
|
|
|
- [XXX How can we recognize that it's an OR if it's an incoming connection
|
|
|
|
|
- with malformed/missing certs? Should we change the above to just "to
|
|
|
|
|
- ORs"? -RD]
|
|
|
|
|
- ORs SHOULD NOT reject incoming connections from OPs with malformed
|
|
|
|
|
- or missing certificates.
|
|
|
|
|
|
|
+ When connecting to an OR, all parties SHOULD reject the connection if that
|
|
|
|
|
+ OR has a malformed or missing certificate. When accepting an incoming
|
|
|
|
|
+ connection, an OR SHOULD NOT reject incoming connections from parties with
|
|
|
|
|
+ malformed or missing certificates. (However, an OR should not believe
|
|
|
|
|
+ that an incoming connection is from another OR unless the certificates
|
|
|
|
|
+ are present and well-formed.)
|
|
|
|
|
|
|
|
[Before version 0.1.2.8-rc, ORs rejected incoming connections from ORs and
|
|
[Before version 0.1.2.8-rc, ORs rejected incoming connections from ORs and
|
|
|
OPs alike if their certificates were missing or malformed.]
|
|
OPs alike if their certificates were missing or malformed.]
|
Nick Mathewson