mmmray
mmmray
in principle i don't think censors should have the expectation that organic traffic reliably disconnects using a certain application-specific pattern. switching networks, sleep mode, there's a lot beyond the application's...
You're right there are quite a few features being used by some censors that this solution does not cover. I was mainly focused on Iran where it seems to me...
the proxy services I have in mind do not allow listening for inbound connections on a port, hence the need for a middlebox and the pretending that there is a...
Do i get it right that "grandfathered in" domain fronting will stop working on 2023-02-27 and new domain fronting will stop working immediately? What is the significance of the cert...
@ValdikSS Same here. But I think this still tracks with @cohosh's explanation. Existing pairings of SNI to Host header still work but new deployments of domain fronting may not. It...
it still works here (using the same fronting domain i've been using for months though)
see previously: #280 to add to what gaukas said, all significant ECH rollout today comes with a ECH-free fallback (e.g. Firefox) -- we are very far from making ECH mandatory,...
> I use this one-liner for i in $(seq 1000); do nc -v 1.1.1.1 443; done to quickly try and wait until the connection gets curious if you are you...
> Edit: My testing point is behind a CGNAT so it is possible the port translated by the CGNAT and visible to the GFW is reused. If that is the...
as you said, it also is not clear to me how any NAT alongside the terminated connection can be convinced to ignore the RST it is likely that between censor...