agl at imperialviolet.org
Mon Feb 21 20:54:03 UTC 2011
On Mon, Feb 21, 2011 at 2:34 PM, Tim Wilde <twilde at cymru.com> wrote:
> Any static list is going to, by definition, have to exist within the
> source code, and thus will be very easy for an even moderately
> determined censor to find. If we're going to do that we had better be
> doing it with something that we know will cause massive collateral
> damage and thus would be much more likely to be avoided; I just don't
> see that happening with any of these devices.
I agree that forcing collateral damage is the key here. The current
code generates `random' certificates, but it's pretty easy to pattern
match them and there's no collateral damage to doing so.
The hope was that something would be an obvious candidate. I've seen
the Internet Widgets certificate a fair bit in personal experience,
but it appears much less frequently than I expected.
If the random generation could be made much better then it's a
reasonable answer, at the cost of more code complexity and no
collateral damage. I suspect that the cat and mouse game only stops
when the collateral damage is too large, or all self-signed certs are
Adam Langley agl at imperialviolet.org http://www.imperialviolet.org
tor-dev mailing list
tor-dev at lists.torproject.org
More information about the tor-dev