-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey All, In some recent research we came across another easily-fingerprintable attribute of the Tor TLS handshake, so I would like to propose this addition to Proposal 179: https://github.com/twilde/torspec/commit/c202230b40c72cbdbe43bbda9cc1a7caad3... Or, if in my git-newb-ish-ways I represent this correctly: git://github.com/twilde/torspec.git@c202230b40 Short summary: we should send an SSL Session ID, even if we don't track it or ever use it (which I wouldn't suggest we do) because not sending one makes us stick out like a sore thumb. :) Apologies if my git-newb-ish-nes makes this more difficult to grab, pointers welcome (I may be a git newb but I'm totally in love with it, mmm, sexy VCS :)). Thanks, Tim - -- Tim Wilde, Senior Software Engineer, Team Cymru, Inc. twilde@cymru.com | +1-847-378-3333 | http://www.team-cymru.org/ -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAk6DkC0ACgkQluRbRini9tgfGACeKF41vKvoOvGFEHq5JXU9/u38 RWsAn1mb6MX0gvut6/ROYl0Kg6NQoF/e =2PWa -----END PGP SIGNATURE-----