[tor-bugs] #25594 [Obfuscation/Snowflake]: Broker: investigate non-domain-fronting secure client / proxy registrations
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jun 28 16:43:48 UTC 2018
#25594: Broker: investigate non-domain-fronting secure client / proxy registrations
-----------------------------------+------------------------
Reporter: arlolra | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------------+------------------------
Comment (by fs):
TapDance also sounds like a good fit(perhaps, fallback) for rendezvous
protocol.
Currently existing TapDance deployment doesn't cover enough high-value
decoys to be truly resistant to enumeration attacks, but, hopefully, that
will change in future.
Should be pretty easy to integrate: you just need to give TapDance a
folder to store things, copy initial config(ask devs to send you one) in
that folder, and then you could just
`conn, err := tapdance.Dial("tcp", "snowflake-broker.org:443")` - same
signature as `net.Dial`.
> We should (but don't yet) encrypt client registration messages
If you want to do TLS, you can then pass that `conn` into standard
`tls.Client`
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25594#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list