Closed teirdes closed 2 years ago
I don't think this is correct. For instance:
"Protocol identification is useful for detecting and blocking circumvention tools, like Tor, or traffic that is difficult to analyze, like VoIP or SSL, because the censor can assume that this traffic should be blocked. However, this can lead to over-blocking problems when used with popular protocols. These methods are expensive, both computationally and financially, due to the use of statistical analysis, and can be ineffective due to their imprecise nature. Moreover, censorship circumvention groups like the Tor Project have developed "pluggable transports" which seek to make the traffic of censorship circumvention tools appear indistinguishable from other kinds of traffic [Tor-2020]."
This does not look to me like TCP-level analysis.
I'll need to look and see if we can make this more clear and lucid. next version
Hi @ekr we have done some re-configuration of the TOC and I think probably made this issue worse. Would really appreciate it if you could re-review this comment and give guidance about what belongs where. Thank you in advance!
LGTM
Thank you!
Comment: "I'm having trouble with your taxonomy here because a lot of the protocol identification work seems like it's more application layer than transport layer, but you have it in 3.3."
Proposed resolution:
Do not implement any changes. The description of censorship specifically lists identification of TCP traffic, which would be transport layer. Encouraging users to switch to HTTP by impairing HTTPS traffic is only a consequence of identifying the transport layer communications, so the main gist of the technical censorship activity is transport layer related.