Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS fingerprint with AG should be the same as without it #1503

Closed
ameshkov opened this issue Aug 22, 2021 · 1 comment
Closed

TLS fingerprint with AG should be the same as without it #1503

ameshkov opened this issue Aug 22, 2021 · 1 comment
Assignees
@ngorskikh
Labels
Enhancement P3: Medium Resolution: Fixed Status: Closed Version: CoreLibs v1.9

Comments

@ameshkov
Copy link
Member

Here's the problem, currently it's easy to distinguish AG from a "clean" browser judging from the TLS fingerprint.

The difference is simple, Chrome sends one extra TLS extension compared to us: https://tlsfingerprint.io/find/extension/4469

Moreover, ideally, our TLS fingerprint should be the same as the browser's FP, not just as Chrome's.
@ngorskikh
Copy link
Member

https://source.chromium.org/chromium/chromium/src/+/cc8598642336ec1fbf0eaf9c226f96b0d0acdaaf
https://datatracker.ietf.org/doc/html/draft-vvv-tls-alps

Chrome has implemented a draft rfc allowing the exchange of HTTP/2 SETTINGS frames as part of the TLS handshake.

@ameshkov ameshkov mentioned this issue Nov 13, 2021
Closed
This was referenced Dec 29, 2021
Closed
Closed
Closed
@adguard-bot adguard-bot mentioned this issue Feb 7, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ngorskikh ngorskikh

Labels
Enhancement P3: Medium Resolution: Fixed Status: Closed Version: CoreLibs v1.9
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ameshkov @adguard-bot @ngorskikh