[tor-dev] Proposal: Bridge Detection Resistance against MITM-capable Adversaries

Marsh Ray marsh at extendedsubset.com
Tue Nov 8 18:07:06 UTC 2011


On 11/08/2011 09:36 AM, George Kadianakis wrote:
>
> Some arguments to consider against the tagging idea are:
> c) We most probably won't be able to tag CA-signed certificates.

TLS 1.0 over TCP port 443 with a server cert rooting to a well-known CA 
is probably the biggest stream of opaque traffic on the Internet.

Seems like it would be a big loss to not be able to blend in with that.

- Marsh


More information about the tor-dev mailing list