On Fri, Dec 31, 2010 at 10:17 PM, Nick Mathewson <[email protected]> wrote:
> But to answer your questions, the main reason Tor doesn't use ECC now
> (and that its RSA keys are 1024 bits except for authority keys) is
> that back when we designed the relevant parts of the current Tor
[snip]

So— if someone had asked me about this I would have also pointed out that using anything other than moderately sized RSA in the transport security would make it impossible for Tor to look at all like a random SSL (e.g. an http client/server) and thus be more vulnerable to blocking by even the laziest attackers.

I haven't seen this point raised in this thread, so I'm wondering if I'm misunderstanding or if it's just not being mentioned because, even ignoring the ciphersuite selection, blocking Tor based on the on-the-wire behavior isn't especially difficult.

