From 9c7680d1f870b8504d1bca0fe9ab61565816602b Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Mon, 15 May 2023 16:27:53 -0400
Subject: [PATCH] rpc: Clarify how authentication works.

---
 doc/dev/notes/rpc-meta-draft.md | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/doc/dev/notes/rpc-meta-draft.md b/doc/dev/notes/rpc-meta-draft.md
index dd8d425bc..d359ae33e 100644
--- a/doc/dev/notes/rpc-meta-draft.md
+++ b/doc/dev/notes/rpc-meta-draft.md
@@ -500,17 +500,12 @@ while concurrently reading arti's replies.
 ## Authentication
 
 When a connection is first opened,
-only authentication requests may be use
-until authentication is successful.
+only a single "connection" object is available.
+Its object ID is "`connection`".
+The client must authenticate to the connection
+in order to receive any other object IDs.
 
-> TODO: Perhaps it would be a good idea to say
-> that when a connection is opened,
-> there is an authentication Object (not a session Object)
-> and only _that Object_ can be used
-> until one of its responses eventually gives the application
-> a session Object?
-
-The authentication schemes are:
+The pre-authentication methods available on a connection are:
 
 auth:get_proto
 : Ask Arti which version of the protocol is in use.