[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18655 [Obfuscation/meek]: Make meek-server easy to use with Let's Encrypt



#18655: Make meek-server easy to use with Let's Encrypt
------------------------------+---------------------
 Reporter:  dcf               |          Owner:  dcf
     Type:  enhancement       |         Status:  new
 Priority:  Medium            |      Milestone:
Component:  Obfuscation/meek  |        Version:
 Severity:  Normal            |     Resolution:
 Keywords:                    |  Actual Points:
Parent ID:                    |         Points:
 Reviewer:                    |        Sponsor:
------------------------------+---------------------

Comment (by gtank):

 Here's my branch using Russ Cox's LE client library. It's a new
 dependency, but only about 50 lines of code in meek-server itself:
 http://github.com/gtank/meek/tree/letsencrypt

 The example torrc works fine on a Debian machine and starts bridging
 without noticeable delay on first fetch. The biggest caveats I can think
 of are

 1) It manages the keys and certificates in a cache file on disk. There are
 good reasons for this (https://godoc.org/rsc.io/letsencrypt#hdr-
 Persistent_Storage) but it isn't strictly necessary.

 2) If meek-server isn't listening on 443, this starts a new listener there
 since Let's Encrypt doesn't give you another option.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18655#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs