[tor-bugs] #7277 [Tor]: timestamp leaked in TLS client hello
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 28 03:57:24 UTC 2012
#7277: timestamp leaked in TLS client hello
------------------------+---------------------------------------------------
Reporter: proper | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor | Version:
Keywords: tor-client | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by asn):
Sounds good. I guess the next step to figure out is whether we can do
callback hacks to play with OpenSSL's `ssl3_state_st.client_random` at the
correct time.
Maybe another long-term step would be to write a #5488-like proposal in an
attempt to persuade implementations and IETF to stop putting their
timestamps inside `{Client,Server}Hello.random`? Why does it happen
anyway? The reasos is not explained in RFC5246.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7277#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list