(FWD) TLS False Start

Adam Langley agl at imperialviolet.org
Wed Jun 2 21:47:38 UTC 2010


On Wed, Jun 2, 2010 at 12:42 PM, Roger Dingledine <arma at mit.edu> wrote:
> Forwarding for Adam.
>
> Any nice volunteer want to play with combining this with Tor?

While I'm on the subject, I'm probably going to send the OpenSSL patch
for nextprotoneg[1] upstream tomorrow.

This allows an application-level protocol to be negotiated with the
TLS handshake. For example, a server could run a standard HTTPS server
on port 443 and also have that same port serve Tor when requested.

The server may choose to advertise Tor support in its handshake (in
the clear) or it may not and the Tor client can still request the Tor
protocol. The client's request is encrypted (and padded to a constant
length).

If that's interesting, let me know.



AGL


[1] http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00

-- 
Adam Langley agl at imperialviolet.org http://www.imperialviolet.org
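
The negotiation described in the message above, as an added example that is not part of the original post or the OpenSSL patch: the server's advertised list travels in the clear, while the client's choice is padded so that its length does not reveal which protocol was picked. The length-prefixed layout, the 32-byte padding rule and the protocol name `tor` are assumptions for illustration; the message gives no wire details.

```python
# Added illustration. Wire layout and 32-byte padding block are assumptions,
# not taken from the message; "tor" is a hypothetical protocol name.
PAD_BLOCK = 32

def _name_bytes(name):
    raw = name.encode("ascii")
    if not 1 <= len(raw) <= 255:
        raise ValueError("protocol name must be 1..255 bytes")
    return raw

def encode_advertised(protocols):
    """Server side (cleartext): each name as a 1-byte length plus the name."""
    return b"".join(bytes([len(r)]) + r for r in map(_name_bytes, protocols))

def decode_advertised(data):
    """Parse the server's list, rejecting truncated or empty entries."""
    names, i = [], 0
    while i < len(data):
        n = data[i]
        if n == 0 or i + 1 + n > len(data):
            raise ValueError("malformed protocol list")
        names.append(data[i + 1:i + 1 + n].decode("ascii"))
        i += 1 + n
    return names

def encode_next_protocol(selected):
    """Client side (sent encrypted): len | name | pad_len | zero padding."""
    raw = _name_bytes(selected)
    pad_len = PAD_BLOCK - ((len(raw) + 2) % PAD_BLOCK)
    return bytes([len(raw)]) + raw + bytes([pad_len]) + bytes(pad_len)

def decode_next_protocol(body):
    """Server side: recover the selected name and check the framing."""
    if len(body) < 2 or len(body) < body[0] + 2:
        raise ValueError("truncated message")
    n = body[0]
    if n == 0 or len(body) != n + 2 + body[n + 1]:
        raise ValueError("bad name or padding length")
    return body[1:1 + n].decode("ascii")

if __name__ == "__main__":
    # The server advertises only HTTP; the client may still ask for "tor".
    advertised = encode_advertised(["http/1.1"])
    print("server offers:", decode_advertised(advertised))
    for choice in ("http/1.1", "tor"):
        body = encode_next_protocol(choice)
        print(choice, "->", len(body), "bytes before encryption")
```

With this padding rule, any name of up to 29 bytes produces a 32-byte message body, so an observer who sees only ciphertext lengths cannot tell an HTTP selection from a Tor one.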



More information about the tor-dev mailing list