[tor-dev] Proposal 320: Removing TAP usage from v2 onion services
Ian Goldberg
iang at uwaterloo.ca
Mon May 11 21:58:31 UTC 2020
On Mon, May 11, 2020 at 04:47:53PM -0400, Nick Mathewson wrote:
> ## INTRODUCE cells, RENDEZVOUS cells, and ntor.
>
> We allow clients to specify the rendezvous point's ntor key in the
> INTRODUCE2 cell instead of the TAP key. To do this, the client
> simply sets KLEN to 32, and includes the ntor key for the relay.
>
> Clients should only use ntor keys in this way if the network parameter
> "hsv2-client-rend-ntor" is set to 1, and if the entry "allow-rend-ntor"
> is present in the onion service descriptor.
>
> Services should only advertise "allow-rend-ntor" in this way if the
> network parameter "hsv2-service-rend-ntor" is set to 1.
It should be stronger, right? A service that does not advertise
allow-rend-ntor (because hsv2-service-rend-ntor is unset) MUST reject an
ntor key, even if the service actually does support it? Otherwise a
client could simply try it even if support is not advertised?
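
The gap raised in this reply, modelled as an added example (not part of the original message and not Tor's code): a service that only withholds the advertisement versus one that also rejects an ntor key it did not advertise. The function names, the Consensus class and the strict flag are hypothetical; only the parameter names, "allow-rend-ntor" and KLEN = 32 come from the quoted proposal.

```python
from dataclasses import dataclass

NTOR_KEY_LEN = 32  # per the proposal: KLEN of 32 marks an ntor key


@dataclass
class Consensus:
    hsv2_client_rend_ntor: int = 0   # network parameter "hsv2-client-rend-ntor"
    hsv2_service_rend_ntor: int = 0  # network parameter "hsv2-service-rend-ntor"


def service_advertises(consensus: Consensus) -> bool:
    """Service lists "allow-rend-ntor" in its descriptor only if the parameter is 1."""
    return consensus.hsv2_service_rend_ntor == 1


def client_may_use_ntor(consensus: Consensus, descriptor_entries: set) -> bool:
    """Compliant client: needs both the parameter and the descriptor entry."""
    return (consensus.hsv2_client_rend_ntor == 1
            and "allow-rend-ntor" in descriptor_entries)


def service_accepts(klen: int, advertised: bool, strict: bool) -> bool:
    """Decide whether the service acts on the rendezvous key in INTRODUCE2.

    strict=False models "should only advertise": the ntor code path stays
    reachable whatever the descriptor says.
    strict=True models the MUST asked for in the reply: an ntor key is
    rejected unless the service advertised support.
    """
    if klen != NTOR_KEY_LEN:
        return True  # TAP key; assumption: handled as before
    return advertised or not strict


def outcomes(consensus: Consensus) -> dict:
    """Compare a compliant client with a bare ntor attempt at the service."""
    advertised = service_advertises(consensus)
    entries = {"allow-rend-ntor"} if advertised else set()
    return {
        "compliant_client_sends_ntor": client_may_use_ntor(consensus, entries),
        "lenient_service_accepts_ntor":
            service_accepts(NTOR_KEY_LEN, advertised, strict=False),
        "strict_service_accepts_ntor":
            service_accepts(NTOR_KEY_LEN, advertised, strict=True),
    }
```

With hsv2-service-rend-ntor unset, the compliant client never sends an ntor key, yet the lenient service would still accept one from a client that ignores the descriptor; only the strict service makes the parameter an actual off switch.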