#25804: Domain fronting to App Engine stopped working -----------------------------------+------------------------ Reporter: dcf | Owner: (none) Type: defect | Status: new Priority: Medium | Milestone: Component: Obfuscation/Snowflake | Version: Severity: Normal | Resolution: Keywords: moat | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: -----------------------------------+------------------------
Comment (by dcf): Replying to [comment:36 cypherpunks]: > Don't know how much data Moat and Snowflake need, but if it's only a tiny amount an alternative for the AMP proxy could be Google's favicon retrieval service, which allows to retrieve one 16×16 PNG at the time. That's neat, I like it :) I briefly ran the numbers on Snowflake for #25874. The client needs to send about 700 bytes, or about 500 bytes if compressed; and receive a similar amount. Unfortunately that's too long for a single DNS name (max 255 bytes). Sending an entire client offer will take multiple DNS requests, so it probably won't work in the favicon service. Moat is even harder, at least as currently implemented. It doesn't use a single request/response; it uses a tunneled TLS connection atop multiple serialized requests and responses. Making it work over a single request/response would require rearchitecting the protocol so that Moat messages have their own confidentiality and integrity protection, independent of TLS. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25804#comment:38> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs