
Re: [tor-dev] Proposal 198: Restore semantics of TLS ClientHello



On Tue, Mar 20, 2012 at 10:48 PM, Tom Ritter <tom@xxxxxxxxx> wrote:
> On 20 March 2012 11:33, Nick Mathewson <nickm@xxxxxxxxxxxxx> wrote:
>> Filename: 198-restore-clienthello-semantics.txt
>> Title: Restore semantics of TLS ClientHello
>> Author: Nick Mathewson
>> Created: 19-Mar-2012
>> Status: Open
>
> I've not worked with TLS renegotiations before, but could Tor perform
> a renegotiation after the initial handshake, and the renegotiation
> ciphersuites are taken at face value?  Less performant, but also less
> complicated?

We used to do that; see proposal 176 and surrounding discussion for an
explanation of why we stopped.

Briefly: TLS renegotiation is detectable as renegotiation on the wire
by anybody who cares to watch.  Renegotiating immediately after
connection makes us stand out more than we'd like to.

-- 
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
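
The wire visibility described in the reply above, as an added example that is not part of the original message or of Tor's code: TLS record headers (content type, version, length) are sent in the clear, so a handshake-type record appearing after the initial Finished marks a renegotiation to any passive observer. It assumes TLS 1.2 or earlier and a Finished message that fits in one record; the helper names and the sample streams are constructed for illustration.

```python
import struct

# TLS record content types; the 5-byte record header is never encrypted.
CHANGE_CIPHER_SPEC, ALERT, HANDSHAKE, APPLICATION_DATA = 20, 21, 22, 23

def parse_records(stream: bytes):
    """Yield (content_type, length) for each complete TLS record in one direction."""
    off = 0
    while off + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, off)
        if off + 5 + length > len(stream):
            break  # truncated capture: stop rather than guess
        yield ctype, length
        off += 5 + length

def renegotiation_visible(stream: bytes) -> bool:
    """True if this direction's record headers alone reveal a renegotiation.

    After ChangeCipherSpec, one handshake record (the encrypted Finished)
    belongs to the initial handshake. Any later handshake-type record is a
    new handshake running inside the already-established connection.
    """
    seen_ccs = False
    handshake_after_ccs = 0
    for ctype, _length in parse_records(stream):
        if ctype == CHANGE_CIPHER_SPEC:
            seen_ccs = True
        elif ctype == HANDSHAKE and seen_ccs:
            handshake_after_ccs += 1
            if handshake_after_ccs > 1:
                return True
    return False

def record(ctype: int, body_len: int) -> bytes:
    """Build a constructed record: real header, zero-filled (opaque) body."""
    return struct.pack("!BHH", ctype, 0x0301, body_len) + bytes(body_len)

# Constructed client-to-server streams (bodies are placeholders, not real TLS).
PLAIN = (record(HANDSHAKE, 120) + record(CHANGE_CIPHER_SPEC, 1)
         + record(HANDSHAKE, 48) + record(APPLICATION_DATA, 512))
RENEGOTIATED = (record(HANDSHAKE, 120) + record(CHANGE_CIPHER_SPEC, 1)
                + record(HANDSHAKE, 48)       # Finished of the first handshake
                + record(HANDSHAKE, 160)      # second ClientHello, now encrypted
                + record(CHANGE_CIPHER_SPEC, 1) + record(HANDSHAKE, 48)
                + record(APPLICATION_DATA, 512))

if __name__ == "__main__":
    print("plain:", renegotiation_visible(PLAIN))
    print("renegotiated:", renegotiation_visible(RENEGOTIATED))
```

The second ClientHello is encrypted, yet its record header still carries content type 22, which is why the renegotiation stands out regardless of what ciphersuites it lists.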