Skip to content
  1. Sep 16, 2013
    • Nick Mathewson's avatar
      Do not include a timestamp in the ClientHello Random field. · 4af79303
      Nick Mathewson authored
      Instead, send random bytes.
      
      While the gmt_unix_time record was added in an ostensible attempt to
      mitigate the dangers of a bad RNG, its presence leaks the host's view
      of the current time in the clear.  This minor leak can help
      fingerprint TLS instances across networks and protocols... and what's
      worse, it's doubtful thet the gmt_unix_time record does any good at
      all for its intended purpose, since:
      
          * It's quite possible to open two TLS connections in one second.
          * If the PRNG output is prone to repeat itself, ephemeral
          * handshakes (and who knows what else besides) are broken.
      4af79303
  2. Feb 11, 2013
  3. Feb 09, 2013
  4. Feb 08, 2013
  5. Feb 07, 2013
  6. Feb 06, 2013
  7. Feb 04, 2013
  8. Feb 03, 2013
  9. Feb 02, 2013
  10. Feb 01, 2013
  11. Jan 31, 2013