[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-project] US congress wrote a letter to Google and Amazon on domain fronting

To: tor-project@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-project] US congress wrote a letter to Google and Amazon on domain fronting
From: Kate Krauss <ailanthus@xxxxxxxxxx>
Date: Wed, 18 Jul 2018 16:20:05 -0700
In-reply-to: <CAFWeb9KvM5Zj4otLFDE4HS1xhtFPWvSiX+guj-G0-qA4N8WpjQ@mail.gmail.com>
List-id: "Moderated discussion list for tor contributors." <tor-project.lists.torproject.org>
Mail-reply-to: ailanthus@xxxxxxxxxx
References: <etPan.5b4f6d6b.3de9da61.74a7@torproject.org> <d5c5356ac1727a9e84929a598502cf3c@riseup.net> <CAFWeb9KvM5Zj4otLFDE4HS1xhtFPWvSiX+guj-G0-qA4N8WpjQ@mail.gmail.com>
Reply-to: tor-project@xxxxxxxxxxxxxxxxxxxx, ailanthus@xxxxxxxxxx
Sender: "tor-project" <tor-project-bounces@xxxxxxxxxxxxxxxxxxxx>

On 2018-07-18 6:20 pm, Alec Muffett wrote:
> On Wed, 18 Jul 2018, 18:03 Kate Krauss, <ailanthus@xxxxxxxxxx> wrote:
> 
>> This is a helpful letter and domain fronting would probably benefit
>> from
>> more public advocacy. The letter did not get much media coverage.
>> There
>> will be lots of reporters at HOPE who may be interested and probably
>> more than one organization that benefits from domain fronting.
> 
> Hi Kate!
> 
> I stand by my criticism as posted at:
> 
> https://twitter.com/AlecMuffett/status/1019468247823978496
> 
> …in short: that DF is an ugly hack that relies on "SNI" - a feature
> of SSL which in daily life is leveraged to enable, not bypass,
> filtering and censorship.
> 
> It may be artfully ironic with DF to leverage SNI "for good", but it
> would probably be wiser to learn to live without either/both, instead
> encouraging wider adoption of the controversial "TLS 1.3" standard
> along with the draft "encrypted SNI" feature. 
> 
> This would be much more in keeping with the Tor ethos of "anonymity
> loves company". 
> 
> That any Civil Society organisation is calling for the retention of
> SNI, is a bit perverse.
> 
> -a
 
Hi Alex,

Aha, this is news to me. Could you possibly Explain Like I'm 5: Why is
SNI not good, why is TLS 1.3 controversial, and why is it not good to
have domain fronting as a tactic we use until we figure out a better one
(or preserve it as part of an evolving toolkit)? We could reach a lot of
censored users if we had it. I'm assuming this relates to "anonymity
loves company" but I don't understand how (literally).

Also, I'm troubled by Google and Amazon's willingness to make a
unilateral decision that negatively affects human rights. It is a bad
precedent. 

Thanks,

Katie

PS: Tor's mission statement, fwiw (it probably supports multiple points
of view on DF): "To advance human rights and freedoms by creating and
deploying free and open anonymity and privacy technologies, supporting
their unrestricted availability and use, and furthering their scientific
and popular understanding."


_______________________________________________
tor-project mailing list
tor-project@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

Follow-Ups:
- Re: [tor-project] US congress wrote a letter to Google and Amazon on domain fronting
  - From: Alec Muffett
- Re: [tor-project] Alec, not Alex
  - From: Kate Krauss
- Re: [tor-project] US congress wrote a letter to Google and Amazon on domain fronting
  - From: Yawning Angel

References:
- [tor-project] US congress wrote a letter to Google and Amazon on domain fronting
  - From: Arturo Filastò
- Re: [tor-project] US congress wrote a letter to Google and Amazon on domain fronting
  - From: Kate Krauss
- Re: [tor-project] US congress wrote a letter to Google and Amazon on domain fronting
  - From: Alec Muffett

Prev by Author: Re: [tor-project] Alec, not Alex
Next by Author: Re: [tor-project] US congress wrote a letter to Google and Amazon on domain fronting
Previous by thread: Re: [tor-project] US congress wrote a letter to Google and Amazon on domain fronting
Next by thread: Re: [tor-project] Alec, not Alex
Index(es):
- Author
- Thread