[tor-bugs] #11183 [Pluggable transport]: Make an HTTP requestor Firefox extension for meek-client

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Mar 21 23:11:57 UTC 2014


#11183: Make an HTTP requestor Firefox extension for meek-client
-------------------------------------+----------------------
     Reporter:  dcf                  |      Owner:  dcf
         Type:  project              |     Status:  assigned
     Priority:  normal               |  Milestone:
    Component:  Pluggable transport  |    Version:
   Resolution:                       |   Keywords:  meek
Actual Points:                       |  Parent ID:  #10935
       Points:                       |
-------------------------------------+----------------------

Comment (by dcf):

 Replying to [comment:9 dcf]:
 > A potential problem: Tor Browser's TLS ClientHello differs slightly from
 Firefox's. Tor Browser doesn't send the "SessionTicket TLS" extension. I
 think it's on account of #4099.

 Setting the pref security.enable_tls_session_tickets=true is enough to
 make the "SessionTicket TLS" extension appear. I'm not sure what other
 side effects it may have. (See comment:6:ticket:4099 ff.)

 Still holding out hope that we can avoid shipping a second browser binary,
 my thinking now is that we should run the meek HTTP helper in a separate
 instance of Tor Browser, under a separate profile. The separate profile
 will have at least the following configuration changes:
  * network.proxy.socks_remote_dns=false
  * security.enable_tls_session_tickets=true
 The second instance should be headless so there's no chance of a user
 interacting with it directly. (Perhaps the HTTP helper itself could
 enforce headlessness.)

 A separate process and profile means that we can be freer in changing
 settings that might compromise the security of Tor Browser. The separate
 profile will have its own history and cookies. The second profile won't be
 used for browsing: it is strictly an HTTPS driver under the control of a
 pluggable transport.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11183#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list