Quick question about TOR and use of SSL
yousifnet
yousifnet at gmail.com
Fri May 16 20:28:03 UTC 2008
> First, my understanding of SSL is that it creates a direct tunnel from
> your computer to the web server (or router if the SSL certificate is bound to
> somthing like a load-balancing router). If this is correct, wouldn't this "short
> circuit" the TOR purpose of obfuscation?
[Normal SSL]
A) user sends encrypted message to proxy
B) proxy forwards the message to the server
C) server responds with another encrypted message to the proxy
D) proxy forwards the encrypted message to the user
E) proxy can't read or change anything in between
USER <<===>> PROXY <<===>> SERVER
[Tor with SSL]
A) Same as above. The proxy can be more than one server(two, three servers,etc.)
B) proxies still can't read anything (semi-redundant but that's another story)
USER <<==>> PROXY1<<==>> PROXY2 <<==>> PROXY3 <<==>> SERVER
More information about the tor-talk
mailing list