[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Quick question about TOR and use of SSL
- To: or-talk@xxxxxxxxxxxxx
- Subject: Quick question about TOR and use of SSL
- From: "Chris Burge" <burgechris@xxxxxxxxx>
- Date: Fri, 16 May 2008 14:28:31 -0400
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Fri, 16 May 2008 14:28:37 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=AVWZq/kArpZLfwsZgmj95PojBA5cLImCagzyVpSk818=; b=u0n0+lBoJucJo/6T+dFbrTRic2ZWKyO7fsM62vB5XTAbbAwj/Y+behAFTa9Z00L4chmuKug9mrVHdruqdGqRQZNIwbRO0YESh4rYnj3FkEFwou7Iyfaw/Go07D2lsSUFiMuLcTO61LlvIB1W27NTkgvG9DoBNThFsbesh/KWhtk=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=rSwdLUI09Zoi1485aFc2xXTtwyoFL6i9knkvaAl2hvmTx6Umqs8KjriaGwZkwdfj7Wtf112MObCU0nAATDcR7QdsXyOqOl8/LGxuieZMkucaUuDm+w/9AvyC+dKJHK6/wxSx7ifmP3MFJ8WgnmlPyS2Ub65G9WCOvSsgMGrDdvI=
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
This has been bouncing around my head for a few weeks but I haven't had the time to either research or even figure out how to get my definitive answer without asking. My question is 2-fold in that it works on the hows of SSL and in relation to TOR. If this is answered on the tor-project site then my thick head isn't processing so my apologies. First, my understanding of SSL is that it creates a direct tunnel from your computer to the web server (or router if the SSL certificate is bound to somthing like a load-balancing router). If this is correct, wouldn't this "short circuit" the TOR purpose of obfuscation? On that note, isn't the 48,62,128,256 bit SSL encryption there so that no one can do a packet sniff on the packets at the accepting routers outside the DMZ (i.e. an example would be a load balancer that doesn't do SSL but just passes that to a web server on the farm) but not for regular traffic through the multiple hops on port 80?
Hopefully I'm making my question clear and I can get a definitive answer.