[tor-bugs] #10935 [Pluggable transport]: Make bundles featuring meek
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Mar 8 17:46:05 UTC 2014
#10935: Make bundles featuring meek
-------------------------------------+----------------------
Reporter: dcf | Owner: dcf
Type: project | Status: assigned
Priority: normal | Milestone:
Component: Pluggable transport | Version:
Resolution: | Keywords: meek
Actual Points: | Parent ID:
Points: |
-------------------------------------+----------------------
Comment (by dcf):
Replying to [comment:3 asn]:
> d) Make its TLS layer less easily fingerpintable.
This is my thinking on [[HTTPS
fingerprintability|doc/meek#Distinguishability]] and deployment. We should
first take care of the trivial fingerprinting issues, namely client
ciphersuites and TLS extensions, and then make the first deployment. Those
two are the things for which a firewall rule can be written in five
minutes. The other issues are things like traffic statistics, which are
important but not immediately important in that it takes time to make a
classifier and even then it's not 100%.
I'm working on a TBB browser extension to make HTTPS requests on behalf of
meek-client. That will get us Firefox's ciphersuites and TLS extensions,
and I think is more realistically deployable than, say, packaging another
browser in the TBB, and more future-proof than writing a custom OpenSSL or
NSS program that closely tries to imitate browser TLS.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10935#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list