Justin: > Also, I have no option but to keep the cert because if I don’t the > filter may use DPI to block TLS for me. Funny! I mean that you're already have no TLS, because actual TLS is terminated at your ITDep. You should remove these CAs - you have nothing to lose! When TLS is blocked (looks too problematically when it comes to the reasons of this censorship, but possible) try another Pluggable Transport. -- Ivan Markin
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk