[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #25594 [Obfuscation/Snowflake]: Broker: investigate non-domain-fronting secure client / proxy registrations



#25594: Broker: investigate non-domain-fronting secure client / proxy registrations
-----------------------------------+------------------------
 Reporter:  arlolra                |          Owner:  (none)
     Type:  defect                 |         Status:  new
 Priority:  Medium                 |      Milestone:
Component:  Obfuscation/Snowflake  |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:                         |  Actual Points:
Parent ID:                         |         Points:
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------

Comment (by fs):

 TapDance also sounds like a good fit(perhaps, fallback) for rendezvous
 protocol.
 Currently existing TapDance deployment doesn't cover enough high-value
 decoys to be truly resistant to enumeration attacks, but, hopefully, that
 will change in future.

 Should be pretty easy to integrate: you just need to give TapDance a
 folder to store things, copy initial config(ask devs to send you one) in
 that folder, and then you could just
 `conn, err := tapdance.Dial("tcp", "snowflake-broker.org:443")` - same
 signature as `net.Dial`.

 > We should (but don't yet) encrypt client registration messages
 If you want to do TLS, you can then pass that `conn` into standard
 `tls.Client`

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25594#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs