On Sat, Jul 27, 2013 at 05:17:29PM +0300, Lag Inimaineb wrote:
Specifically, after reading Nick Mathewson's proposal, I can see it is pretty much identical to what I've proposed (though his proposal has been around for more than a year). Do you have any information as to whether anyone has been/is working on implementing it?
I'm not aware of anyone doing that. I believe, it was a potential GSoC project but nobody had the time to mentor it. See also: https://www.torproject.org/getinvolved/volunteer.html.en#httpsImpersonation
As for suggestions such as SWEET, FreeWave, etc. - those would require changes to the TOR clients (right?), which makes them probably less easy to use, unless they are merged into the TOR mainline. Same goes for ScambleSuit, since the shared secret much somehow be delivered out-of-band, which is not always an easy feat to accomplish.
Not necessarily. The idea of obfsproxy is to put circumvention functionality into a separate program and let Tor only do what it does best: provide anonymity. Besides, the circumvention race is a quick one and obfsproxy makes it possible for us to (semi-)quickly deploy novel circumvention protocols. Also, because it makes use of Python which is more pleasant for experimental protocols than C.
Nevertheless, as you say, many of these protocols require changes to obfsproxy or completely new frameworks. Regarding ScrambleSuit's shared secret: some parts in the Tor world must be changed but we are working on it. For more details, please see: https://trac.torproject.org/projects/tor/ticket/8979 https://trac.torproject.org/projects/tor/ticket/9013
Cheers, Philipp