On Wed, 7 Sep 2016 14:24:12 -0700
David Fifield wrote:
> The protocol as just described would be vulnerable to active probing;
> the censor could test for servers by sending them garbage session
> tickets and seeing how they respond. But that's easy to fix. We can,
> for
Here's an idea for a new pluggable transport. It's just a TLS tunnel,
but with a twist that allows the server's certificate to be omitted,
depriving the censor of many classification features, such as whether
the certificate is signed by a CA, the certificate's lifetime, and
whether the commonName