Re: (FWD) TLS False Start



On Wed, Jun 2, 2010 at 12:42 PM, Roger Dingledine <arma@xxxxxxx> wrote:
> Forwarding for Adam.
>
> Any nice volunteer want to play with combining this with Tor?

While I'm on the subject, I'm probably going to send the OpenSSL patch
for nextprotoneg[1] upstream tomorrow.

This allows an application-level protocol to be negotiated with the
TLS handshake. For example, a server could run a standard HTTPS server
on port 443 and also have that same port serve Tor when requested.

The server may choose to advertise Tor support in its handshake (in
the clear) or it may not and the Tor client can still request the Tor
protocol. The client's request is encrypted (and padded to a constant
length).

If that's interesting, let me know.



AGL


[1] http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00

-- 
Adam Langley agl@xxxxxxxxxxxxxxxxxx http://www.imperialviolet.org
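
The constant-length padding of the client's request mentioned in the message above, as an added example that is not part of the original post or of the OpenSSL patch. It encodes and parses the NextProtocol message body, assuming the field layout and padding rule given in the nextprotoneg draft; the protocol names are constructed sample values.

```python
# Added illustration, not code from the OpenSSL patch.
# Assumed layout, per the nextprotoneg draft:
#   struct {
#       opaque selected_protocol<0..255>;
#       opaque padding<0..255>;
#   } NextProtocol;
# Assumed padding rule: 32 - ((len(selected_protocol) + 2) % 32)

BLOCK = 32  # padding granularity assumed from the draft


def encode_next_protocol(selected: bytes) -> bytes:
    """Build the NextProtocol body: len | name | pad_len | zero padding."""
    if len(selected) > 255:
        raise ValueError("protocol name longer than 255 bytes")
    pad_len = BLOCK - ((len(selected) + 2) % BLOCK)
    return bytes([len(selected)]) + selected + bytes([pad_len]) + bytes(pad_len)


def decode_next_protocol(body: bytes) -> bytes:
    """Strictly parse a NextProtocol body and return the selected protocol."""
    if len(body) < 2:
        raise ValueError("truncated NextProtocol message")
    name_len = body[0]
    if len(body) < 1 + name_len + 1:
        raise ValueError("protocol name runs past end of message")
    selected = body[1:1 + name_len]
    pad_len = body[1 + name_len]
    # Reject trailing or missing bytes instead of silently ignoring them.
    if len(body) != 2 + name_len + pad_len:
        raise ValueError("padding length does not match message length")
    return selected


if __name__ == "__main__":
    # Constructed sample names: short names all encode to the same size,
    # so the record length does not reveal which protocol was requested.
    for name in (b"tor", b"http/1.1", b"x" * 29, b"x" * 30):
        body = encode_next_protocol(name)
        assert decode_next_protocol(body) == name
        print(f"{len(name):3d}-byte name -> {len(body)}-byte message")
```

Names of up to 29 bytes all produce a 32-byte body; a 30-byte name crosses into the next 32-byte bucket, so the padding hides the protocol only among names in the same bucket.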