Skip to content
  1. Oct 09, 2013
  2. Sep 16, 2013
    • Nick Mathewson's avatar
      Do not include a timestamp in the ServerHello Random field. · f4c93b46
      Nick Mathewson authored
      Instead, send random bytes.
      f4c93b46
    • Nick Mathewson's avatar
      Do not include a timestamp in the ClientHello Random field. · 4af79303
      Nick Mathewson authored
      Instead, send random bytes.
      
      While the gmt_unix_time record was added in an ostensible attempt to
      mitigate the dangers of a bad RNG, its presence leaks the host's view
      of the current time in the clear.  This minor leak can help
      fingerprint TLS instances across networks and protocols... and what's
      worse, it's doubtful thet the gmt_unix_time record does any good at
      all for its intended purpose, since:
      
          * It's quite possible to open two TLS connections in one second.
          * If the PRNG output is prone to repeat itself, ephemeral
          * handshakes (and who knows what else besides) are broken.
      4af79303
  3. Feb 11, 2013
  4. Feb 09, 2013
  5. Feb 08, 2013
  6. Feb 07, 2013
  7. Feb 06, 2013
  8. Feb 04, 2013
  9. Feb 03, 2013
  10. Feb 02, 2013
  11. Feb 01, 2013