From aaf552f2078b737427ab42f936807ed298c3bc3a Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Thu, 2 Mar 2017 13:28:31 -0400
Subject: clarification

---
 doc/tips/peer_to_peer_network_with_tor.mdwn               | 10 +++++-----
 .../comment_2_8180e202fc493ad07999a3367ccd9425._comment   | 15 +++++++++++++++
 2 files changed, 20 insertions(+), 5 deletions(-)
 create mode 100644 doc/tips/peer_to_peer_network_with_tor/comment_2_8180e202fc493ad07999a3367ccd9425._comment

(limited to 'doc')

diff --git a/doc/tips/peer_to_peer_network_with_tor.mdwn b/doc/tips/peer_to_peer_network_with_tor.mdwn
index d2aa89e0b..cefca3c0b 100644
--- a/doc/tips/peer_to_peer_network_with_tor.mdwn
+++ b/doc/tips/peer_to_peer_network_with_tor.mdwn
@@ -132,11 +132,11 @@ Tor hidden services can be quite secure. But this doesn't mean that using
 git-annex over Tor is automatically perfectly secure. Here are some things
 to consider:
 
-* Anyone who learns the address of a peer can connect to that peer,
-  download the whole history of the git repository, and any available
-  annexed files. They can also upload new files to the peer, and even
-  remove annexed files from the peer. So consider ways that the address
-  of a peer might be exposed.
+* Anyone who learns the onion address address and authentication data of a peer
+  can connect to that peer, download the whole history of the git repository,
+  and any available annexed files. They can also upload new files to the peer,
+  and even remove annexed files from the peer. So consider ways that the
+  authentication data of a peer might be exposed.
 
 * While Tor can be used to anonymize who you are, git defaults to including
   your name and email address in git commit messages. So if you want an
diff --git a/doc/tips/peer_to_peer_network_with_tor/comment_2_8180e202fc493ad07999a3367ccd9425._comment b/doc/tips/peer_to_peer_network_with_tor/comment_2_8180e202fc493ad07999a3367ccd9425._comment
new file mode 100644
index 000000000..de78462af
--- /dev/null
+++ b/doc/tips/peer_to_peer_network_with_tor/comment_2_8180e202fc493ad07999a3367ccd9425._comment
@@ -0,0 +1,15 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2017-03-02T17:24:23Z"
+ content="""
+@dvicory if someone only knows the onion service address, they can do
+nothing to your repository except connect to it and get rejected
+due to failure to authenticate. They need the authentication data too
+in order to do any of those things. That was talking about the
+addresses generated by `git annex peer --gen-addresses`, 
+which include authentication data.
+
+I've improved the wording to avoid confusion between git-annex's addresses
+and onion addresses.
+"""]]
-- 
cgit v1.2.3