[cryptography] Client certificates, Tor-exit nodes and renegotiation

Alexandre Anzala-Yamajako anzalaya at gmail.com
Fri Mar 14 13:02:11 EDT 2014


It also might be worthwhile to note that Client certification is not very
common and needs an infrasctructure to generate and deploy. Also even if
the client certificate is sent encrypted later in the handshake, it's size
will be noticeable in the handshake (except if we are ready to pad
certificate-less client messages). A competent and funded organization
might then have a very small pool of users to choose from as to who might
be trying to connect a particular server which somewhat defeats the purpose
of Tor

-- 
Alexandre Anzala-Yamajako
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140314/cbce3394/attachment.html>


More information about the cryptography mailing list