[tor-project] US congress wrote a letter to Google and Amazon on domain fronting
Kate Krauss
ailanthus at riseup.net
Wed Jul 18 23:20:05 UTC 2018
On 2018-07-18 6:20 pm, Alec Muffett wrote:
> On Wed, 18 Jul 2018, 18:03 Kate Krauss, <ailanthus at riseup.net> wrote:
>
>> This is a helpful letter and domain fronting would probably benefit
>> from
>> more public advocacy. The letter did not get much media coverage.
>> There
>> will be lots of reporters at HOPE who may be interested and probably
>> more than one organization that benefits from domain fronting.
>
> Hi Kate!
>
> I stand by my criticism as posted at:
>
> https://twitter.com/AlecMuffett/status/1019468247823978496
>
> …in short: that DF is an ugly hack that relies on "SNI" - a feature
> of SSL which in daily life is leveraged to enable, not bypass,
> filtering and censorship.
>
> It may be artfully ironic with DF to leverage SNI "for good", but it
> would probably be wiser to learn to live without either/both, instead
> encouraging wider adoption of the controversial "TLS 1.3" standard
> along with the draft "encrypted SNI" feature.
>
> This would be much more in keeping with the Tor ethos of "anonymity
> loves company".
>
> That any Civil Society organisation is calling for the retention of
> SNI, is a bit perverse.
>
> -a
Hi Alex,
Aha, this is news to me. Could you possibly Explain Like I'm 5: Why is
SNI not good, why is TLS 1.3 controversial, and why is it not good to
have domain fronting as a tactic we use until we figure out a better one
(or preserve it as part of an evolving toolkit)? We could reach a lot of
censored users if we had it. I'm assuming this relates to "anonymity
loves company" but I don't understand how (literally).
Also, I'm troubled by Google and Amazon's willingness to make a
unilateral decision that negatively affects human rights. It is a bad
precedent.
Thanks,
Katie
PS: Tor's mission statement, fwiw (it probably supports multiple points
of view on DF): "To advance human rights and freedoms by creating and
deploying free and open anonymity and privacy technologies, supporting
their unrestricted availability and use, and furthering their scientific
and popular understanding."
More information about the tor-project
mailing list