On Mon, May 11, 2020 at 04:47:53PM -0400, Nick Mathewson wrote: > ## INTRODUCE cells, RENDEZVOUS cells, and ntor. > > We allow clients to specify the rendezvous point's ntor key in the > INTRODUCE2 cell instead of the TAP key. To do this, the client > simply sets KLEN to 32, and includes the ntor key for the relay. > > Clients should only use ntor keys in this way if the network parameter > "hsv2-client-rend-ntor" is set to 1, and if the entry "allow-rend-ntor" > is present in the onion service descriptor. > > Services should only advertise "allow-rend-ntor" in this way if the > network parameter "hsv2-service-rend-ntor" is set to 1.
It should be stronger, right? A service that does not advertise allow-rend-ntor (because hsv2-service-rend-tor is unset) MUST reject an ntor key, even if the service actually does support it? Otherwise a client could simply try it even if support is not advertised? _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
