[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] [Proposal] Obfuscating the Tor Browser Bundle initial download



> The environment you're were in was mounting a MITM attack to break TLS,
> or has compromised your box, because the only component of the URL that
> is visible otherwise is the host in the SNI field.
>
> In such an environment, gettor in general isn't unblockable because
> there is no privacy/security for the request/response messages.
>
> Regards,
>
> -- 
> Yawning Angel

Sorry, I'm not completely familiar with how TLS works.

The environment requires an HTTPS proxy to reach the World Web Web.

Do HTTP proxies inherently create a situation similar to MITM?


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev