Threats to anonymity set at and above the application layer; HTTP headers
    Anothony Georgeo 
    anogeorgeo at yahoo.com
       
    Mon May 22 04:12:34 UTC 2006
    
    
  
Hi Nick,
--- Nick Mathewson <nickm at freehaven.net> wrote:
[snip]
> Right, we need one of these.  Ideally, it would be
> for a Free Sotware proxy that isn't completely
> unsupported and unmaintained: privoxy is showing 
> its age.  I have hopes for proxymodo if it ever 
> becomes portable.
> [snip]
> -- 
> Nick Mathewson
IMO a needed and important feature of any
'filtering/scrubbing' proxy appliction is some sort of
'on-the-fly' decryption>scrubbing>encryption scheme
for ingress/egress HTTPS traffic.
If the appliction could do on-the-fly HTTPS filtering
it would solve our problem.  Not to metion how much
trouble non-tech end-users will have grapsing the
concept of HTTP vs. HTTPS and their related
anonymity/security issues.  Even more difficult for
most end-users will be configuring Privoxy correctly;
imagine if the end-user does not read/comprehend
English well. 
I believe proxomitron [ ;-) ] at one time had an
on-the-fly decryption>scrubbing>encryption feature for
HTTPS ingress/egress traffic on the to-do list.  This
feature was never implimented and there was concern
about the security of on-the-fly
decryption>scrubbing>encryption of HTTPS traffic by
any proxy appliction.
Phillip Zimmermann just released his new VoIP
encryption program called "Zfone".  Zfone
encrypts/decrypts VoIP traffic on-the-fly; much as I
envision the proxy appliction would work with HTTPS
traffic.  Zfone captures and encrypts the VoIP egress
traffic after it leaves the VoIP appliction.  Zfone
then captuers and decrypts the VoIP ingress traffic
before it reaches the VoIP appliction.
__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
    
    
More information about the tor-talk
mailing list