commit 6b557594efca098a9e24ab49545823655f596af9 Author: Nick Mathewson nickm@torproject.org Date: Thu Oct 31 16:57:45 2013 -0400
Merge proposal 221 (stop using CREATE_FAST) --- dir-spec.txt | 4 ++++ proposals/221-stop-using-create-fast.txt | 2 +- tor-spec.txt | 4 ++++ 3 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/dir-spec.txt b/dir-spec.txt index fd6c73a..d1d1994 100644 --- a/dir-spec.txt +++ b/dir-spec.txt @@ -1424,6 +1424,10 @@ they do not. Min: 0, Max: 1. Default: 1.
+ "usecreatefast" -- Used to control whether clients use the + CREATE_FAST handshake on the first hop of their circuits. + Min: 0, Max: 1. Default: 1. + The authority section of a vote contains the following items, followed in turn by the authority's current key certificate:
diff --git a/proposals/221-stop-using-create-fast.txt b/proposals/221-stop-using-create-fast.txt index d190c29..7903a39 100644 --- a/proposals/221-stop-using-create-fast.txt +++ b/proposals/221-stop-using-create-fast.txt @@ -3,7 +3,7 @@ Title: Stop using CREATE_FAST Authors: Nick Mathewson Created: 12 August 2013 Target: 0.2.5.x -Status: Open +Status: Closed
0. Summary
diff --git a/tor-spec.txt b/tor-spec.txt index 5561201..80d9e23 100644 --- a/tor-spec.txt +++ b/tor-spec.txt @@ -946,6 +946,10 @@ see tor-design.pdf. RELAY_BEGIN exiting the circuit at the first hop: letting Tor be used as a single hop proxy makes exit nodes a more attractive target for compromise.
+ The CREATE_FAST handshake is currently deprecated whenever it is not + necessary; the migration is controlled by the "usecreatefast" + networkstatus parameter as described in dir-spec.txt. + 5.2. Setting circuit keys
5.2.1. KDF-TOR