
Why is TLS 1.3 interesting here, in relation to censorship circumvention? Why is version 1.3 banned and not 1.2?




TLS 1.3 forces PFS, which means that if you want to decrypt a 1.3 stream, you have to actually do a man in the middle attack, not just get a copy of a key. PFS was optional before.

It supports ECH, which lets you hide which service the client is trying to reach on a multitenant host or CDN. Given that Cloudflare supports ECH, and that it's possible to hide the fact that you're using ECH, that makes it possible to have connections that could actually be using any of a huge number of possible sites without passive spying equipment being able to tell which ones.

It removes a bunch of weak old primitives and options, and should generally be harder to misconfigure in a dangerous way.
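An added example, not part of the comment above: a minimal ClientHello parser showing what sits in cleartext for a passive observer (SNI, offered versions, presence of the ECH extension type). The sample messages are constructed, the helper names `build_client_hello` and `observe` are hypothetical, and the ECH payload is opaque placeholder bytes rather than a real encrypted inner hello.

```python
import struct

EXT_SNI, EXT_VERSIONS, EXT_ECH = 0x0000, 0x002B, 0xFE0D
VERSION_NAMES = {0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}

def ext(ext_type, body):
    return struct.pack("!HH", ext_type, len(body)) + body

def build_client_hello(host, versions, ech_payload=None):
    """Constructed sample ClientHello (handshake message only, no record header)."""
    name = host.encode()
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    vers = b"".join(struct.pack("!H", v) for v in versions)
    exts = ext(EXT_SNI, sni) + ext(EXT_VERSIONS, bytes([len(vers)]) + vers)
    if ech_payload is not None:
        exts += ext(EXT_ECH, ech_payload)        # placeholder bytes, not real ECH
    body = (b"\x03\x03" + bytes(32)              # legacy_version, zeroed sample random
            + b"\x00"                            # empty legacy_session_id
            + b"\x00\x02\x13\x01"                # one suite: TLS_AES_128_GCM_SHA256
            + b"\x01\x00"                        # null compression
            + struct.pack("!H", len(exts)) + exts)
    return b"\x01" + len(body).to_bytes(3, "big") + body

def observe(hello):
    """Return the cleartext fields: SNI, offered versions, ECH extension presence."""
    if len(hello) < 4 or hello[0] != 0x01:
        raise ValueError("not a ClientHello")
    pos = 4 + 2 + 32                                      # header, version, random
    pos += 1 + hello[pos]                                 # legacy_session_id
    pos += 2 + struct.unpack_from("!H", hello, pos)[0]    # cipher_suites
    pos += 1 + hello[pos]                                 # compression methods
    end = pos + 2 + struct.unpack_from("!H", hello, pos)[0]
    pos += 2
    seen = {"sni": None, "versions": [], "ech_extension": False}
    while pos + 4 <= end:
        etype, elen = struct.unpack_from("!HH", hello, pos)
        data = hello[pos + 4: pos + 4 + elen]
        pos += 4 + elen
        if etype == EXT_SNI:                              # list_len, type, name_len, name
            nlen = struct.unpack_from("!H", data, 3)[0]
            seen["sni"] = data[5:5 + nlen].decode("ascii", "replace")
        elif etype == EXT_VERSIONS:                       # 1-byte length, 2-byte versions
            vs = struct.iter_unpack("!H", data[1:1 + data[0]])
            seen["versions"] = [VERSION_NAMES.get(v, hex(v)) for (v,) in vs]
        elif etype == EXT_ECH:                            # same type for real and GREASE ECH
            seen["ech_extension"] = True
    return seen
```

With an ECH payload attached, the only name `observe` returns is the outer one placed in the SNI extension; the name the client actually wants would be inside the encrypted payload.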


Thanks a lot for the detailed reply!

Just in case someone reads this without knowing the abbreviations:

PFS = perfect forward secrecy [0]

ECH = Encrypted Client Hello

[0] https://en.wikipedia.org/wiki/Forward_secrecy

[1] https://en.wikipedia.org/wiki/Server_Name_Indication#Encrypt...



