[tor-bugs] #26425 [Core Tor/Tor]: Add functionality to set SNI for client connections

[Tor Bug Tracker & Wiki]

#26425: Add functionality to set SNI for client connections
--------------------------+------------------------------
 Reporter:  twim          |          Owner:  (none)
     Type:  enhancement   |         Status:  needs_review
 Priority:  Medium        |      Milestone:
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:  asn           |        Sponsor:
--------------------------+------------------------------

Comment (by arma):

 I can't imagine normal users would have any chance of figuring out that
 they need to set this option, and then picking a good option for it.

 I would be a bit happier with some sort of adaptive "oh I'm in this
 network situation, I need to set my SNI like this" algorithm that Tor just
 does for you. But for that case I would be worried about a network that
 induces changes in SNI behavior, to confirm that you're being a Tor
 client.

 Did we get an answer to "which firewalls?"

 Tor (that is, the vanilla Tor protocol) isn't doing very well these days
 at imitating real TLS from real browsers. That arms race has mainly
 shifted to pluggable transports.

 Big picture: if we think we can fix things for a lot of users here, we
 should try to do it. But if adding this patch will fix things for
 approximately zero users, maybe we should send those people to use
 pluggable transports instead.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26425#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online