[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4744 [Tor Bridge]: GFW probes based on Tor's SSL cipher list

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #4744 [Tor Bridge]: GFW probes based on Tor's SSL cipher list
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 13 Mar 2012 02:50:35 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 12 Mar 2012 22:50:46 -0400
In-reply-to: <043.7f6071672bc6560be46416d542ff3270@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.7f6071672bc6560be46416d542ff3270@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4744: GFW probes based on Tor's SSL cipher list
--------------------------------+-------------------------------------------
 Reporter:  asn                 |          Owner:  nickm             
     Type:  defect              |         Status:  needs_revision    
 Priority:  major               |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Bridge          |        Version:                    
 Keywords:  tls fingerprinting  |         Parent:  #4185             
   Points:                      |   Actualpoints:                    
--------------------------------+-------------------------------------------

Comment(by hellais):

 Replying to [comment:15 nickm]:
 > Looks like the only commit we'd want from this is
 863442ff2edaed726590eb2a9e2aa58aa64f6247 ; the rest is all old tor2web
 junk.
 >
 > Hellais, please reset your master to point at origin/master if you
 haven't done so already.
 >

 Ok will do.

 > Other stuff:
 >   * Were these files made, like the existing ciphers.inc, using the perl
 script and the firefox/chrome source?  Or did you make them by hand?  If
 the latter, have you checked them for accuracy via sniffing or something?

 It was generated with a python script by sniffing the accepted cipher list
 of Google Chrome 17.0.963.56  and Firefox 8.

 >   * Makefile.am will need to mention the new files, so they get
 distributed.

 Ok.

 >   * The patch should probably remove ciphers.inc as unused.

 I was thinking that probably there isn't a lot of benefit of being able to
 compile your Tor with a different set of ciphers to use and maybe it could
 be best to simply replace ciphers.inc with the FF ciphers.
 The goal of this is to avoid Tor being distiguishable based on the ciphers
 it advertises, maybe we should just keep our cipher set up to date with
 what is the current mainstream browser.

 This process of "updating" the cipher suite should be automatized and read
 it from the FF or Chrome source code.

 What do you think?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4744#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #5373 [Tor Client]: "socksport 2000 testingtornetwork 1" results in socksport 9050
Next by Author: Re: [tor-bugs] #4744 [Tor Bridge]: GFW probes based on Tor's SSL cipher list
Previous by thread: Re: [tor-bugs] #4744 [Tor Bridge]: GFW probes based on Tor's SSL cipher list
Next by thread: Re: [tor-bugs] #4744 [Tor Bridge]: GFW probes based on Tor's SSL cipher list
Index(es):
- Author
- Thread