[tor-bugs] #4743 [Pluggable transport]: obfsproxy: obfs2 server sends handshake message on client connection
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Dec 19 17:41:37 UTC 2011
#4743: obfsproxy: obfs2 server sends handshake message on client connection
---------------------------------+------------------------------------------
Reporter: asn | Owner: asn
Type: defect | Status: needs_review
Priority: normal | Milestone:
Component: Pluggable transport | Version:
Keywords: | Parent:
Points: | Actualpoints:
---------------------------------+------------------------------------------
Comment(by asn):
Replying to [comment:3 nickm]:
> This sounds more fingerprintable, not less. Previously, both sides
immediately sent stuff. Now, the client sends a certain amount of stuff,
and the server responds immediately after getting a fixed amount of it.
>
> IOW, I don't buy reason a or reason b as an adequate reason to make this
change. So can you say more about reason c ("it's less fingerprintable")?
I was thinking that not many protocols have the server send data before
receiving any data from the client. obfs2 does that, since the server will
send data to the client right after the client establishes the connection.
By the way, I'm not sure if "Now, the client sends a '''certain''' amount
of stuff, and the server responds immediately after getting a '''fixed'''
amount of it." is correct. Since padding is part of the initial message,
the server will wait till he receives the whole initial message from the
client (which should be a sequence of TCP packets carrying padding),
before sending his.
In any case, I'm not sure if the above is true, and I don't think They
would '''ever''' use the fingerprint I mentioned above to censor obfs2, so
I think we can forget this branch. I also agree that reasons a and b are
not compelling at all.
Finally, since we are not doing this, I made a minor fix for `doc
/protocol-spec.txt` in a branch named `bug4743_take2`; check it out!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4743#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list