[tor-commits] [torspec/master] Describe actual use of NETINFO fields

[nickm at torproject.org]

commit d2bdea61f788beb6c31d33e7a4dad8c98c075918
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Sep 7 10:09:11 2017 -0400

    Describe actual use of NETINFO fields
    
    Instead of saying the clock skew and "your address" fields are
    unused, describe the dangers of using them as unconditionally
    trusted.
---
 tor-spec.txt | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tor-spec.txt b/tor-spec.txt
index 3431ca5..f7bd546 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -712,8 +712,11 @@ see tor-design.pdf.
 
    Implementations MAY use the timestamp value to help decide if their
    clocks are skewed.  Initiators MAY use "other OR's address" to help
-   learn which address their connections are originating from, if they do
-   not know it.  [As of 0.2.3.1-alpha, nodes use neither of these values.]
+   learn which address their connections may be originating from, if they do
+   not know it; and to learn whether the peer will treat the current
+   connection as canonical.  Implementations SHOULD NOT trust these
+   values unconditionally, especially when they come from non-authorities,
+   since the other party can lie about the time or IP addresses it sees.
 
    Initiators SHOULD use "this OR's address" to make sure
    that they have connected to another OR at its canonical address.