[tor-dev] Proposal 198: Restore semantics of TLS ClientHello

Nick Mathewson nickm at alum.mit.edu
Wed Mar 21 03:02:19 UTC 2012

On Tue, Mar 20, 2012 at 10:48 PM, Tom Ritter <tom at ritter.vg> wrote:
> On 20 March 2012 11:33, Nick Mathewson <nickm at freehaven.net> wrote:
>> Filename: 198-restore-clienthello-semantics.txt
>> Title: Restore semantics of TLS ClientHello
>> Author: Nick Mathewson
>> Created: 19-Mar-2012
>> Status: Open
> I've not worked with TLS renegotiations before, but could Tor perform
> a renegotiation after the initial handshake, and the renegotiation
> ciphersuites are taken at face value?  Less performant, but also less
> complicated?

We used to do that; see proposal 176 and surrounding discussion for an
explanation of why we stopped.

Briefly: TLS renegotiation is detectable as renegotiation on the wire
by anybody who cares to watch.  Renegotiating immediately after
connection makes us stand out more than we'd like to.

