Re: (FWD) TLS False Start
- To: or-dev@xxxxxxxxxxxxx
- Subject: Re: (FWD) TLS False Start
- From: Adam Langley <agl@xxxxxxxxxxxxxxxxxx>
- Date: Wed, 2 Jun 2010 17:47:38 -0400
- In-reply-to: <20100602164220.GZ18088@xxxxxxxxxxxxxx>
- References: <20100602164220.GZ18088@xxxxxxxxxxxxxx>
On Wed, Jun 2, 2010 at 12:42 PM, Roger Dingledine <arma@xxxxxxx> wrote:
> Forwarding for Adam.
>
> Any nice volunteer want to play with combining this with Tor?

While I'm on the subject, I'm probably going to send the OpenSSL patch
for nextprotoneg[1] upstream tomorrow.

This allows an application level protocol to be negotiated with the
TLS handshake. For example, a server could run a standard HTTPS server
on port 443 and also have that same port serve Tor when requested.

The server may choose to advertise Tor support in its handshake (in
the clear) or it may not and the Tor client can still request the Tor
protocol. The client's request is encrypted (and padded to a constant
length).

If that's interesting, let me know.

AGL

[1] http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00

--
Adam Langley agl@xxxxxxxxxxxxxxxxxx http://www.imperialviolet.org
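
Added example, not part of the original message or of the OpenSSL patch: a sketch of the two messages described above, showing why the client's padded selection has the same length for "tor" as for "http/1.1". The wire layout and the 32-byte padding rule are assumptions taken from later revisions of the cited draft, and the protocol name "tor" is hypothetical.

```python
PAD_BLOCK = 32  # assumption: padded body is a multiple of 32 bytes (later draft revisions)


def encode_advertised(protocols):
    """Server side: list of 1-byte-length-prefixed names, sent in the clear."""
    out = b""
    for name in protocols:
        if not 1 <= len(name) <= 255:
            raise ValueError("protocol name must be 1..255 bytes")
        out += bytes([len(name)]) + name
    return out


def decode_advertised(data):
    """Client side: parse the advertised list, rejecting truncated entries."""
    names, i = [], 0
    while i < len(data):
        n = data[i]
        if n == 0 or i + 1 + n > len(data):
            raise ValueError("malformed protocol list")
        names.append(data[i + 1:i + 1 + n])
        i += 1 + n
    return names


def encode_next_protocol(selected):
    """Client side: selected protocol plus padding; this body is sent encrypted."""
    if not 1 <= len(selected) <= 255:
        raise ValueError("protocol name must be 1..255 bytes")
    # The two length bytes count toward the block, hence the "+ 2".
    pad_len = PAD_BLOCK - ((len(selected) + 2) % PAD_BLOCK)
    return bytes([len(selected)]) + selected + bytes([pad_len]) + bytes(pad_len)


def decode_next_protocol(body):
    """Server side: recover the selection and check the lengths are consistent."""
    if len(body) < 2 or 2 + body[0] > len(body):
        raise ValueError("truncated NextProtocol body")
    n = body[0]
    if body[1 + n] != len(body) - (2 + n):
        raise ValueError("padding length does not match body length")
    return body[1:1 + n]


if __name__ == "__main__":
    # Constructed sample names; an observer sees only the ciphertext length.
    for name in (b"http/1.1", b"tor"):
        print(name, len(encode_next_protocol(name)))
```

Under these assumptions any name of up to 29 bytes yields a 32-byte body, so the record length does not distinguish the requested protocol.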