darhwa
commented
4 years ago Only problem of TLS is they need a domain name.
TLS has an ext named TLS-PSK before TLS 1.3, TLS 1.3 has include this part, not ext at all, https://tools.ietf.org/html/rfc8446#section-2.2
image from https://www.wikiwand.com/en/Transport_Layer_Security
openssl has official support TLS-PSK, and this is a Python warpper, it no need to have a domain at all. For user, the config can same as over TCP, no domain, no certificates.
The problem here is, language's stdlib TLS-PSK API is always missing, so it's need some third-party lib, or develop from scratch.
@riobard @studentmain @Mygod
What is the status of TLS-PSK in this TLS 1.3 era? In my understanding, TLS 1.3 uses PSK for connection resumptions. But I'm not sure if the client can establish a new TLS 1.3 connection to the server with only PSK (without certificate).
iosmanthus
This issue is to discuss the changes we want in the next major revision of Shadowsocks protocol. Right now I've done some preliminary research based on the SOCKS6 RFC draft and I have a prototype security layer that provides forward secrecy (except for early data) and 1-RTT latency (or 0-RTT if used with TCP Fast Open).
So here're the things I have in mind (no particular order of importance, and most are optional):
Please feel free to discuss the changes.