On Tue, Mar 20, 2012 at 10:48 PM, Tom Ritter tom@ritter.vg wrote:
On 20 March 2012 11:33, Nick Mathewson nickm@freehaven.net wrote:
Filename: 198-restore-clienthello-semantics.txt
Title: Restore semantics of TLS ClientHello
Author: Nick Mathewson
Created: 19-Mar-2012
Status: Open
I've not worked with TLS renegotiations before, but could Tor perform a renegotiation after the initial handshake, and the renegotiation ciphersuites are taken at face value? Less performant, but also less complicated?
We used to do that; see proposal 176 and surrounding discussion for an explanation of why we stopped.
Briefly: TLS renegotiation is detectable as renegotiation on the wire by anybody who cares to watch. Renegotiating immediately after connection makes us stand out more than we'd like to.
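The point in Nick's reply is that a renegotiation shows up at the TLS record layer even though its contents are encrypted: in TLS 1.2 and earlier, records carry their content type in the clear, so a Handshake record (type 22) arriving after the initial handshake has finished is visible to any passive observer, and one arriving before any Application Data record is the "immediately after connection" pattern he describes. The following is an added illustration, not code from this thread or from Tor: a minimal record-layer parser and a flow tracker that flags such a renegotiation over constructed sample streams. It assumes TLS 1.2-or-earlier record framing (TLS 1.3 hides content types after the handshake), treats the first type-22 record after each side's ChangeCipherSpec as that side's encrypted Finished, and uses made-up payload bytes in place of real handshake messages.

```python
import struct
from typing import Dict, Iterator, List, Optional, Tuple

# TLS record-layer content types (RFC 5246, section 6.2.1)
CHANGE_CIPHER_SPEC = 20
ALERT = 21
HANDSHAKE = 22
APPLICATION_DATA = 23

# Record header: content type (1 byte), version (2 bytes), length (2 bytes)
RECORD_HEADER = struct.Struct("!BHH")
TLS_1_2 = 0x0303


def iter_records(data: bytes) -> Iterator[Tuple[int, int, bytes]]:
    """Split one direction's byte stream into (content_type, version, payload) records."""
    off = 0
    while off + RECORD_HEADER.size <= len(data):
        ctype, version, length = RECORD_HEADER.unpack_from(data, off)
        off += RECORD_HEADER.size
        if off + length > len(data):
            raise ValueError("truncated TLS record")
        yield ctype, version, data[off:off + length]
        off += length
    if off != len(data):
        raise ValueError("trailing bytes after last record")


def detect_renegotiation(flow: List[Tuple[str, bytes]]) -> Dict[str, object]:
    """Scan a chronological list of (direction, bytes) chunks for a renegotiation.

    The initial handshake is considered complete once both directions have sent
    ChangeCipherSpec followed by one (encrypted) Handshake record, i.e. Finished.
    Any Handshake record after that point is a renegotiation; if it appears before
    any Application Data record, it is the 'immediate' pattern discussed above.
    """
    ccs_seen = {"client": False, "server": False}
    finished_pending = set()      # directions whose encrypted Finished is still due
    handshake_done = False
    app_data_seen = False
    index = 0                     # running record number across both directions

    for direction, chunk in flow:
        for ctype, _version, _payload in iter_records(chunk):
            if not handshake_done:
                if ctype == CHANGE_CIPHER_SPEC:
                    ccs_seen[direction] = True
                    finished_pending.add(direction)
                elif ctype == HANDSHAKE and direction in finished_pending:
                    finished_pending.discard(direction)
                    if all(ccs_seen.values()) and not finished_pending:
                        handshake_done = True
                # plaintext handshake records before CCS need no tracking here
            else:
                if ctype == APPLICATION_DATA:
                    app_data_seen = True
                elif ctype == HANDSHAKE:
                    return {"renegotiation": True,
                            "immediate": not app_data_seen,
                            "record_index": index,
                            "direction": direction}
            index += 1

    return {"renegotiation": False, "immediate": False,
            "record_index": None, "direction": None}


def rec(ctype: int, payload: bytes) -> bytes:
    """Build one TLS record with a TLS 1.2 version field (constructed test data)."""
    return RECORD_HEADER.pack(ctype, TLS_1_2, len(payload)) + payload


# Constructed sample flows; payloads are placeholders, not real handshake messages.
_INITIAL = [
    ("client", rec(HANDSHAKE, b"ClientHello")),
    ("server", rec(HANDSHAKE, b"ServerHello+Certificate+ServerHelloDone")),
    ("client", rec(HANDSHAKE, b"ClientKeyExchange")
             + rec(CHANGE_CIPHER_SPEC, b"\x01")
             + rec(HANDSHAKE, b"<encrypted Finished>")),
    ("server", rec(CHANGE_CIPHER_SPEC, b"\x01")
             + rec(HANDSHAKE, b"<encrypted Finished>")),
]
NORMAL_FLOW = _INITIAL + [("client", rec(APPLICATION_DATA, b"<app>")),
                          ("server", rec(APPLICATION_DATA, b"<app>"))]
IMMEDIATE_RENEG_FLOW = _INITIAL + [("client", rec(HANDSHAKE, b"<encrypted ClientHello>"))]
LATE_RENEG_FLOW = NORMAL_FLOW + [("server", rec(HANDSHAKE, b"<encrypted HelloRequest>"))]


if __name__ == "__main__":
    for name, flow in [("normal", NORMAL_FLOW),
                       ("immediate", IMMEDIATE_RENEG_FLOW),
                       ("late", LATE_RENEG_FLOW)]:
        print(name, detect_renegotiation(flow))
```

The tracker looks only at record headers, which is exactly the information a passive observer has after the handshake; it never needs keys or plaintext, which is why the pattern is hard to hide short of changing the protocol (the direction proposal 198 takes). Alerts and TLS 1.3-style content-type hiding are deliberately out of scope.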