[tor-bugs] #29077 [Obfuscation/meek]: uTLS for meek-client camouflage
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jan 22 09:05:17 UTC 2019
#29077: uTLS for meek-client camouflage
------------------------------+---------------------
Reporter: dcf | Owner: dcf
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/meek | Version:
Severity: Normal | Resolution:
Keywords: moat utls | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+---------------------
Comment (by yawning):
> 100% of the failures used a fingerprint with TLSv1.3, while only 28% of
the successes did. I haven't dug deeper to see what the difference between
the success and failure TLSv1.3 handshakes is.
The kludges inherited from `crypto/tls` only apply when TLS 1.3 is
requested.
* https://github.com/refraction-
networking/utls/blob/master/handshake_client.go#L121
* https://github.com/refraction-
networking/utls/blob/master/handshake_client_tls13.go#L300
* https://github.com/refraction-
networking/utls/blob/master/handshake_client_tls13.go#L215
Making the library support the NIST curves is trivial, and would fix this
problem.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29077#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list