Closed Different TLS certs for incoming vs outgoing
  • Closed Issue created by Roger Dingledine

    We should learn to present different TLS certs for incoming connections vs outgoing connections.

    The motivating example is bridges. They want to show the same identity to people who connect, yet behave like clients when they connect to other relays (e.g. change keys when they change IP addresses).

    (Of course, this change would provide a new way to test for bridges: if a Tor connects to you, connect back and see if the cert is different. But at least that's an active test that requires the bridge to connect to you first. But then, the attack I describe above only kicks in when the bridge connects to you. Hm.)

    [Automatically added by flyspray2trac: Operating System: All]
