2005-08-17 jrandom

* Revise the SSU peer testing protocol so that Bob verifies Charlie's
      viability before agreeing to Alice's request.  This doesn't work with
      older SSU peer test builds, but is backwards compatible (older nodes
      won't ask newer nodes to participate in tests, and newer nodes won't
      ask older nodes to either).

router/doc/udp.html

@@ -1,4 +1,4 @@
-<code>$Id: udp.html,v 1.14 2005/07/27 14:04:07 jrandom Exp $</code>
+<code>$Id: udp.html,v 1.15 2005/08/03 13:58:13 jrandom Exp $</code>
 
 <h1>Secure Semireliable UDP (SSU)</h1>
 <b>DRAFT</b>
@@ -573,8 +573,10 @@ quite simple:</p>
 
 <pre>
         Alice                  Bob                  Charlie
-    PeerTest ------------------&gt;
-         &lt;-------------PeerTest  PeerTest-------------&gt;
+    PeerTest -------------------&gt;
+                             PeerTest--------------------&gt;
+                                &lt;-------------------PeerTest
+         &lt;-------------------PeerTest
          &lt;------------------------------------------PeerTest
     PeerTest------------------------------------------&gt;
          &lt;------------------------------------------PeerTest
@@ -592,7 +594,8 @@ that may be reached are as follows:</p>
 up to a certain number of times, but if no response ever arrives,
 she will know that her firewall or NAT is somehow misconfigured, 
 rejecting all inbound UDP packets even in direct response to an
-outbound packet.  Alternately, Bob may be down.</li>
+outbound packet.  Alternately, Bob may be down or unable to get 
+Charlie to reply.</li>
 
 <li>If Alice doesn't receive a PeerTest message with the 
 expected nonce from a third party (Charlie), she will retransmit
@@ -713,4 +716,4 @@ with either Bob or Charlie, but it is not required.</p>
  <dd>If the peer address contains the 'B' capability, that means
      they are willing and able to serve as an introducer - serving
      as a Bob for an otherwise unreachable Alice.</dd>
-</dl>
+</dl>