On Mon, May 11, 2020 at 5:58 PM Ian Goldberg iang@uwaterloo.ca wrote:
> On Mon, May 11, 2020 at 04:47:53PM -0400, Nick Mathewson wrote:
>> ## INTRODUCE cells, RENDEZVOUS cells, and ntor.
>> We allow clients to specify the rendezvous point's ntor key in the INTRODUCE2 cell instead of the TAP key. To do this, the client simply sets KLEN to 32, and includes the ntor key for the relay.
>> Clients should only use ntor keys in this way if the network parameter "hsv2-client-rend-ntor" is set to 1, and if the entry "allow-rend-ntor" is present in the onion service descriptor.
>> Services should only advertise "allow-rend-ntor" in this way if the network parameter "hsv2-service-rend-ntor" is set to 1.
> It should be stronger, right? A service that does not advertise allow-rend-ntor (because hsv2-service-rend-tor is unset) MUST reject an ntor key, even if the service actually does support it? Otherwise a client could simply try it even if support is not advertised?
Ah yes, you're right.
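
The gating rules discussed in this exchange, as an added example that is not part of the original message and is not Tor's code. The type and function names are hypothetical, and the field layout (a 2-byte big-endian KLEN followed by KLEN key bytes, with any KLEN other than 32 treated as a TAP key) is an assumption made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define NTOR_KEY_LEN 32 /* KLEN value that signals an ntor key, per the proposal */

typedef enum { REND_REJECT = 0, REND_USE_TAP, REND_USE_NTOR } rend_decision_t;

/* Hypothetical service state; field names are constructed for this example. */
typedef struct {
  int  hsv2_service_rend_ntor; /* consensus network parameter */
  bool supports_ntor;          /* what the code could do; deliberately not consulted */
} service_state_t;

/* The service lists "allow-rend-ntor" only when the network parameter is 1. */
bool service_advertises_ntor(const service_state_t *s) {
  return s->hsv2_service_rend_ntor == 1;
}

/* Client side: both the client parameter and the descriptor entry are required. */
bool client_may_send_ntor(int hsv2_client_rend_ntor, bool desc_allow_rend_ntor) {
  return hsv2_client_rend_ntor == 1 && desc_allow_rend_ntor;
}

/* Service side. `p` points at the KLEN field (assumed layout: 2 bytes,
 * big-endian, then KLEN key bytes). *key is set only when a key is accepted. */
rend_decision_t service_check_rend_key(const service_state_t *s,
                                       const uint8_t *p, size_t len,
                                       const uint8_t **key) {
  rend_decision_t d;
  if (len < 2) return REND_REJECT;
  size_t klen = ((size_t)p[0] << 8) | p[1];
  if (klen == 0 || klen > len - 2) return REND_REJECT; /* empty or truncated */
  if (klen != NTOR_KEY_LEN)
    d = REND_USE_TAP; /* assumed: other lengths are TAP keys, validated elsewhere */
  else /* stronger rule from the thread: gate on what was advertised,
        * never on supports_ntor, so an unadvertised ntor key is refused */
    d = service_advertises_ntor(s) ? REND_USE_NTOR : REND_REJECT;
  if (d != REND_REJECT) *key = p + 2;
  return d;
}
```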