[tor-dev] Proposal 320: Removing TAP usage from v2 onion services
Nick Mathewson
nickm at freehaven.net
Mon May 11 23:13:58 UTC 2020
On Mon, May 11, 2020 at 5:58 PM Ian Goldberg <iang at uwaterloo.ca> wrote:
>
> On Mon, May 11, 2020 at 04:47:53PM -0400, Nick Mathewson wrote:
> > ## INTRODUCE cells, RENDEZVOUS cells, and ntor.
> >
> > We allow clients to specify the rendezvous point's ntor key in the
> > INTRODUCE2 cell instead of the TAP key. To do this, the client
> > simply sets KLEN to 32, and includes the ntor key for the relay.
> >
> > Clients should only use ntor keys in this way if the network parameter
> > "hsv2-client-rend-ntor" is set to 1, and if the entry "allow-rend-ntor"
> > is present in the onion service descriptor.
> >
> > Services should only advertise "allow-rend-ntor" in this way if the
> > network parameter "hsv2-service-rend-ntor" is set to 1.
>
> It should be stronger, right? A service that does not advertise
> allow-rend-ntor (because hsv2-service-rend-tor is unset) MUST reject an
> ntor key, even if the service actually does support it? Otherwise a
> client could simply try it even if support is not advertised?
Ah yes, you're right.
--
Nick
More information about the tor-dev
mailing list