Re: Quick question about TOR and use of SSL
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Quick question about TOR and use of SSL
- From: yousifnet <yousifnet@xxxxxxxxx>
- Date: Fri, 16 May 2008 23:28:03 +0300
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Fri, 16 May 2008 16:28:09 -0400
- In-reply-to: <22cafe8b0805161128u3a469178l284210db242e7ad3@xxxxxxxxxxxxxx>
- References: <22cafe8b0805161128u3a469178l284210db242e7ad3@xxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
> First, my understanding of SSL is that it creates a direct tunnel from
> your computer to the web server (or router if the SSL certificate is bound to
> something like a load-balancing router). If this is correct, wouldn't this "short
> circuit" the TOR purpose of obfuscation?
[Normal SSL]
A) user sends encrypted message to proxy
B) proxy forwards the message to the server
C) server responds with another encrypted message to the proxy
D) proxy forwards the encrypted message to the user
E) proxy can't read or change anything in between
USER <<===>> PROXY <<===>> SERVER
[Tor with SSL]
A) Same as above. The proxy can be more than one server (two, three servers, etc.)
B) proxies still can't read anything (semi-redundant but that's another story)
USER <<==>> PROXY1<<==>> PROXY2 <<==>> PROXY3 <<==>> SERVER
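
Added example, not part of the original post: a Python sketch of the chain drawn above, in which the user wraps the request in an end-to-end layer for the server and then in one layer per proxy, so no proxy ever holds the plaintext and any altered byte is rejected. The per-hop keys, the function names and the toy SHA-256 keystream are assumptions made for illustration; they stand in for the real SSL and Tor ciphers and key exchange.

```python
import hashlib
import hmac
import os

def _xor_stream(key, nonce, data):
    # Toy SHA-256 counter-mode keystream: a stand-in, NOT the real SSL/Tor ciphers.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(b"enc" + key + nonce + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def _tag(key, msg):
    mac_key = hashlib.sha256(b"mac" + key).digest()   # separate key for the MAC
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def seal(key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + _tag(key, nonce + ct)

def unseal(key, blob):
    """Verify the tag, then decrypt; raises ValueError if the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce + ct)):
        raise ValueError("integrity check failed")
    return _xor_stream(key, nonce, ct)

def send_through_chain(request, ssl_key, hop_keys):
    """Return (bytes each proxy holds after removing its layer, server's plaintext)."""
    cell = seal(ssl_key, request)        # end-to-end layer: USER <-> SERVER
    for key in reversed(hop_keys):       # assumed per-hop layers, PROXY1 outermost
        cell = seal(key, cell)
    seen = []
    for key in hop_keys:                 # each proxy can remove only its own layer
        cell = unseal(key, cell)
        seen.append(cell)
    return seen, unseal(ssl_key, cell)

if __name__ == "__main__":
    request = b"POST /login user=alice&pw=constructed-sample"   # constructed input
    ssl_key, hops = os.urandom(32), [os.urandom(32) for _ in range(3)]
    seen, at_server = send_through_chain(request, ssl_key, hops)
    for n, blob in enumerate(seen, 1):
        print(f"PROXY{n} holds {len(blob)} bytes, plaintext visible: {request in blob}")
    print("SERVER decrypts:", at_server)
```

The last proxy ends up holding exactly the end-to-end ciphertext, which is why the SSL layer still matters at that hop.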