commit 9ddf104ae43c0a1eb88d617cf1a4513af8930561 Author: Nick Mathewson <nickm@torproject.org> Date: Fri Feb 9 08:40:33 2018 -0500 Add a graf about fingerprinting anonymous directory connections. --- dir-spec.txt | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/dir-spec.txt b/dir-spec.txt index 003e400..ece2991 100644 --- a/dir-spec.txt +++ b/dir-spec.txt @@ -3636,11 +3636,16 @@ - "x-tor-lzma" -- The lzma compression algorithm, with a "preset" value no higher than 6. - Clients SHOULD use Accept-Encoding to indicate which of the above - compression algorithms they support. If they omit it (as Tor clients - did before 0.3.1.1-alpha), then the server should serve only "deflate" - or "identity" encoded documents, based on the presence or absence of - the ".z" suffix on the requested URL. + Clients SHOULD use Accept-Encoding on most directory requests to indicate + which of the above compression algorithms they support. If they omit it + (as Tor clients did before 0.3.1.1-alpha), then the server should serve + only "deflate" or "identity" encoded documents, based on the presence or + absence of the ".z" suffix on the requested URL. + + Note that for anonymous directory requests (that is, requests made over + multi-hop circuits, like those for onion service lookups) implementations + SHOULD NOT advertise any Accept-Encoding values other than deflate. To do + so would be to create a fingerprinting opportunity. When receiving multiple documents, clients MUST accept compressed concatenated documents and concatenated compressed documents as