#29430: Use uTLS for meek TLS camouflage in Tor Browser --------------------------------------+-------------------------- Reporter: dcf | Owner: tbb-team Type: enhancement | Status: new Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: meek utls | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------------------+-------------------------- Changes (by yawning):
* cc: yawning (added) Comment: Replying to [comment:4 mcs]: > Kathy and I agree: if we are planning to switch to obfs4proxy's meek client implementation (which seems like a good option to us), we should change Tor Launcher to use SOCKS args with the meek PT that it spins up for Moat. > > Georg, is it worthwhile for us to do that work in Tor Launcher soon, or should we first resolve the "meek-client or obfs4proxy?" question? For what it's worth, I also think that changing Tor Launcher to do so is orthogonal from which meek implementation is being used, since the new code will work with both implementations (unless meek-client is doing something extremely surprising under the hood). I aim to keep the bridge lines between meek-client and meek_lite as compatible as possible. Currently the differences between the two implementations are as follows: * (config) meek_lite's `utls` option understands `HelloChrome_71`. * (config) meek_lite will use `HelloFirefox_Auto` if no `utls` option is specified. * (config) meek_lite has a (misnamed according to some) option `disableHPKP`. So, all meek-client bridge lines will work with meek_lite (though the TLS fingerprint may differ). -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29430#comment:5> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs