On Mon, 26 Oct 2015 15:44:59 +0800 Da Feng <sunspiderx@xxxxxxxxx> wrote: > Hi: > I've discovered that the GFW normally doesn't block https > protocols. We can use a https front tier to distribute connections to > actual bridges. The front tier encrypts an internal address identifier > with its private key (no matching public key or public algorithm) and > returns to user the encrypted identifier, part of which also includes > the user's chosen password. Then when submitting requests, the user > encrypt again with his password the items such as his timestamp, > broswer headers. The request line to https server is no different from > an ordinary one and include both the user encrypted item and front > tier encrypted item. After the connection is established, data is > relayed inside https between bridge and user. So... meek (https://trac.torproject.org/projects/tor/wiki/doc/meek), the basis of which will probably also be used for bridge distribution purposes in the future. Regards, -- Yawning Angel
Attachment:
pgpNC0aPaa6Tq.pgp
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev