[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] MITM attack on TLS



On 11/18/2015 04:36 PM, Justin Davis wrote:
I just learned that the IT department of an organization where I am
will begin mass decryption on TLS traffic.  Would this effect the use
of the Meek pluggable transport?  Just to give more information, the
attack will be done by having every network user install a root cert
in our browsers.  Any information is apreciated.

I'm not entirely sure whether meek transport checks the certificate, because it's not necessary since it just acts an encapsulation proxy for Tor traffic.

However the IT admin would be able to see to which meek bridge are you connecting to after the MitM (meek just sends the bridge in HTTP Host header that is normally hidden inside TLS tunnel).

I haven't checked meek's development in a while, so this might not be entirely accurate.

OM
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk