commit 7411e54cd7d7f2bbb70364218a35f2b48a8ee0ed Author: Nick Mathewson <nickm@torproject.org> Date: Mon Jul 24 14:19:40 2017 -0400 Add a note on (not) using TLS compression. --- tor-spec.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tor-spec.txt b/tor-spec.txt index 86fdcc6..3be622f 100644 --- a/tor-spec.txt +++ b/tor-spec.txt @@ -390,6 +390,10 @@ see tor-design.pdf. exacerbate some attacks (e.g. the "Triple Handshake" attack from Feb 2013), and it plays havoc with forward secrecy guarantees. + Implementations SHOULD NOT allow TLS compression -- although we don't + know a way to apply a CRIME-style attack to current Tor directly, + it's a waste of resources. + 3. Cell Packet format The basic unit of communication for onion routers and onion