[tor-bugs] #5488 [Analysis]: Write Internet drafts for one or two TLS features to improve its traffic-analysis resistance

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Apr 26 17:14:41 UTC 2012


#5488: Write Internet drafts for one or two TLS features to improve its traffic-
analysis resistance
----------------------+-----------------------------------------------------
 Reporter:  karsten   |          Owner:  nickm                      
     Type:  project   |         Status:  new                        
 Priority:  normal    |      Milestone:  Sponsor F: November 1, 2012
Component:  Analysis  |        Version:                             
 Keywords:            |         Parent:                             
   Points:            |   Actualpoints:                             
----------------------+-----------------------------------------------------

Comment(by mikeperry):

 For our records, Marsh is lobbying for replacing the plaintext NPN that
 Google currently uses with a DH handshake as part of ClientHello and
 ServerHello. The server would use the DH key to encrypt the cert chain for
 the client in the ServerHello reply itself. IIUC, the client would then put
 the NPN bits as part of its Finished message, also encrypted with the key.

 So they seem to be totally open to redoing the TLS handshake to provide
 less data on the wire for blocking. I think the server cert chain will be
 a major issue for us, unless we want to do gymnastics like providing fake
 unused certs, so the plan seems like a step in the right direction to
 me...

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5488#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

