commit 9ddf104ae43c0a1eb88d617cf1a4513af8930561
Author: Nick Mathewson <ni...@torproject.org>
Date: Fri Feb 9 08:40:33 2018 -0500
Add a graf about fingerprinting anonymous directory connections.
---
dir-spec.txt | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/dir-spec.txt b/dir-spec.txt
index 003e400..ece2991 100644
--- a/dir-spec.txt
+++ b/dir-spec.txt
@@ -3636,11 +3636,16 @@
- "x-tor-lzma" -- The lzma compression algorithm, with a "preset"
value no higher than 6.
- Clients SHOULD use Accept-Encoding to indicate which of the above
- compression algorithms they support. If they omit it (as Tor clients
- did before 0.3.1.1-alpha), then the server should serve only "deflate"
- or "identity" encoded documents, based on the presence or absence of
- the ".z" suffix on the requested URL.
+ Clients SHOULD use Accept-Encoding on most directory requests to indicate
+ which of the above compression algorithms they support. If they omit it
+ (as Tor clients did before 0.3.1.1-alpha), then the server should serve
+ only "deflate" or "identity" encoded documents, based on the presence or
+ absence of the ".z" suffix on the requested URL.
+
+ Note that for anonymous directory requests (that is, requests made over
+ multi-hop circuits, like those for onion service lookups) implementations
+ SHOULD NOT advertise any Accept-Encoding values other than deflate. To do
+ so would be to create a fingerprinting opportunity.
When receiving multiple documents, clients MUST accept compressed
concatenated documents and concatenated compressed documents as
_______________________________________________
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
