[tor-dev] Proposal 198: Restore semantics of TLS ClientHello

Nick Mathewson nickm at alum.mit.edu
Wed Mar 21 03:02:19 UTC 2012


On Tue, Mar 20, 2012 at 10:48 PM, Tom Ritter <tom at ritter.vg> wrote:
> On 20 March 2012 11:33, Nick Mathewson <nickm at freehaven.net> wrote:
>> Filename: 198-restore-clienthello-semantics.txt
>> Title: Restore semantics of TLS ClientHello
>> Author: Nick Mathewson
>> Created: 19-Mar-2012
>> Status: Open
>
> I've not worked with TLS renegotiations before, but could Tor perform
> a renegotiation after the initial handshake, and the renegotiation
> ciphersuites are taken at face value?  Less performant, but also less
> complicated?

We used to do that; see proposal 176 and surrounding discussion for an
explanation of why we stopped.

Briefly: TLS renegotiation is detectable as renegotiation on the wire
by anybody who cares to watch.  Renegotiating immediately after
connection makes us stand out more than we'd like to.

-- 
Nick
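To illustrate the point made above, here is an added example (not Tor's code, and not from this thread) of how a passive observer can spot renegotiation from TLS 1.0-1.2 record framing alone. Every record keeps a plaintext 5-byte header (content type, version, length) even after encryption starts, and within one direction the only Handshake record that legitimately follows ChangeCipherSpec is that side's Finished. Any later Handshake record in the same direction is a renegotiation. The byte streams below are constructed stand-ins (the handshake bodies are dummy bytes), and the state names are mine.

```python
"""Flag TLS renegotiation from the plaintext record-layer headers.

Added example, not code from Tor or from this mailing-list thread.
Applies to TLS 1.0-1.2 only: TLS 1.3 has no renegotiation and sends
ChangeCipherSpec only as a compatibility dummy, so this heuristic
does not carry over.
"""
import struct

CHANGE_CIPHER_SPEC = 20
ALERT = 21
HANDSHAKE = 22
APPLICATION_DATA = 23


def parse_records(stream: bytes):
    """Split one direction of a TLS byte stream into (content_type, body) pairs."""
    records = []
    off = 0
    while off + 5 <= len(stream):
        ctype, _version, length = struct.unpack("!BHH", stream[off:off + 5])
        body = stream[off + 5:off + 5 + length]
        if len(body) != length:
            raise ValueError("truncated TLS record at offset %d" % off)
        records.append((ctype, body))
        off += 5 + length
    if off != len(stream):
        raise ValueError("trailing bytes after last complete record")
    return records


def count_renegotiations(stream: bytes) -> int:
    """Count renegotiations visible in one direction of a connection.

    Per-direction state (names are my own, not TLS terminology):
      initial     - plaintext handshake, Handshake records are expected
      finished    - ChangeCipherSpec seen, the next Handshake record is Finished
      established - Finished seen; a Handshake record here is a renegotiation
      renegotiating - new handshake in progress, until the next ChangeCipherSpec
    """
    state = "initial"
    renegotiations = 0
    for ctype, _body in parse_records(stream):
        if ctype == CHANGE_CIPHER_SPEC:
            state = "finished"
        elif ctype == HANDSHAKE:
            if state == "finished":
                state = "established"        # this record is Finished
            elif state == "established":
                renegotiations += 1           # new ClientHello/HelloRequest etc.
                state = "renegotiating"
            # in "initial" or "renegotiating" further Handshake records are expected
        # ALERT and APPLICATION_DATA do not change the state
    return renegotiations


def _rec(ctype: int, body: bytes, version: int = 0x0303) -> bytes:
    """Build one TLS record with a plaintext 5-byte header (constructed test data)."""
    return struct.pack("!BHH", ctype, version, len(body)) + body


# Constructed client-to-server stream: a single handshake followed by data.
# Bodies are dummy bytes; only the record headers matter to the observer.
NORMAL_CLIENT = b"".join([
    _rec(HANDSHAKE, b"\x01" + b"\x00" * 40),    # ClientHello (plaintext)
    _rec(HANDSHAKE, b"\x10" + b"\x00" * 8),     # ClientKeyExchange (plaintext)
    _rec(CHANGE_CIPHER_SPEC, b"\x01"),
    _rec(HANDSHAKE, b"\xaa" * 16),              # Finished (encrypted, opaque)
    _rec(APPLICATION_DATA, b"\xbb" * 32),
])

# Same stream, but the client immediately renegotiates after the first
# handshake. The second ClientHello is encrypted, yet its record type is not.
RENEGOTIATING_CLIENT = NORMAL_CLIENT[:-len(_rec(APPLICATION_DATA, b"\xbb" * 32))] + b"".join([
    _rec(HANDSHAKE, b"\xcc" * 48),              # second ClientHello (encrypted)
    _rec(HANDSHAKE, b"\xcc" * 16),              # second ClientKeyExchange (encrypted)
    _rec(CHANGE_CIPHER_SPEC, b"\x01"),
    _rec(HANDSHAKE, b"\xdd" * 16),              # second Finished
    _rec(APPLICATION_DATA, b"\xbb" * 32),
])


if __name__ == "__main__":
    for name, stream in (("normal", NORMAL_CLIENT), ("renegotiating", RENEGOTIATING_CLIENT)):
        print("%s: %d renegotiation(s) observed" % (name, count_renegotiations(stream)))
```

Run per direction on a captured TCP stream: the observer needs neither keys nor the ability to decrypt, which is exactly why an immediate renegotiation is a fingerprint rather than a cover.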
