On Mon, May 11, 2020 at 5:58 PM Ian Goldberg <i...@uwaterloo.ca> wrote: > > On Mon, May 11, 2020 at 04:47:53PM -0400, Nick Mathewson wrote: > > ## INTRODUCE cells, RENDEZVOUS cells, and ntor. > > > > We allow clients to specify the rendezvous point's ntor key in the > > INTRODUCE2 cell instead of the TAP key. To do this, the client > > simply sets KLEN to 32, and includes the ntor key for the relay. > > > > Clients should only use ntor keys in this way if the network parameter > > "hsv2-client-rend-ntor" is set to 1, and if the entry "allow-rend-ntor" > > is present in the onion service descriptor. > > > > Services should only advertise "allow-rend-ntor" in this way if the > > network parameter "hsv2-service-rend-ntor" is set to 1. > > It should be stronger, right? A service that does not advertise > allow-rend-ntor (because hsv2-service-rend-tor is unset) MUST reject an > ntor key, even if the service actually does support it? Otherwise a > client could simply try it even if support is not advertised?
Ah yes, you're right. -- Nick _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev