Quick question about TOR and use of SSL

yousifnet yousifnet at gmail.com
Fri May 16 20:28:03 UTC 2008


> First, my understanding of SSL is that it creates a direct tunnel from
> your computer to the web server (or router if the SSL certificate is bound to
> somthing like a load-balancing router).  If this is correct, wouldn't this "short
> circuit" the TOR purpose of obfuscation?

[Normal SSL]
A) user sends encrypted message to proxy
B) proxy forwards the message to the server
C) server responds with another encrypted message to the proxy
D) proxy forwards the encrypted message to the user
E) proxy can't read or change anything in between

USER  <<===>>   PROXY <<===>>  SERVER

[Tor with SSL]
A) Same as above. The proxy can be more than one server(two, three servers,etc.)
B) proxies still can't read anything (semi-redundant but that's another story)

USER <<==>> PROXY1<<==>> PROXY2 <<==>> PROXY3 <<==>> SERVER



More information about the tor-talk mailing list