[tor-talk] MITM attack on TLS
Ondrej Mikle
ondrej.mikle at gmail.com
Wed Nov 18 21:35:57 UTC 2015
On 11/18/2015 04:36 PM, Justin Davis wrote:
> I just learned that the IT department of an organization where I am
> will begin mass decryption on TLS traffic. Would this effect the use
> of the Meek pluggable transport? Just to give more information, the
> attack will be done by having every network user install a root cert
> in our browsers. Any information is apreciated.
I'm not entirely sure whether meek transport checks the certificate,
because it's not necessary since it just acts an encapsulation proxy for
Tor traffic.
However the IT admin would be able to see to which meek bridge are you
connecting to after the MitM (meek just sends the bridge in HTTP Host
header that is normally hidden inside TLS tunnel).
I haven't checked meek's development in a while, so this might not be
entirely accurate.
OM
More information about the tor-talk
mailing list