[149681] in North American Network Operators' Group
Re: Iran blocking essentially all encyrpted protocols
daemon@ATHENA.MIT.EDU (Alan Clegg)
Sat Feb 11 17:58:00 2012
Date: Sat, 11 Feb 2012 17:56:52 -0500
From: Alan Clegg <alan@clegg.com>
To: nanog@nanog.org
In-Reply-To: <CACB24Ms1afYu-CTXYFw0nQ-yMF2uWvHsKqx9f21gDk5-YY+hiA@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig24EB2B1DE3AF23AB1BA79D5D
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
On 2/11/2012 4:50 PM, Richard Barnes wrote:
> FWIW: A colleague in Iran was able to connect to a server in the US
> using HTTPS on a non-standard port (9999). It appears that the
> Iranian government is not blocking TLS/HTTPS per se, but just port
> 443. So in principle, if there were just some HTTPS proxies using
> non-standard ports, then people would be able to get out. At least
> until (1) the addresses of the proxies become known to the regime, or
> (2) they start blocking cross-border TLS altogether.
Or applications (and providers) knew how to use SRV records...
AlanC
--=20
alan@clegg.com | 1.919.355.8851
--------------enig24EB2B1DE3AF23AB1BA79D5D
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk828jcACgkQcKpYUrUDCYf9YQCeObGvZeZKwA7CgUmKTy8qv4+y
p5cAni09WiUw44sMYudePPnnukCJJdaY
=rTqa
-----END PGP SIGNATURE-----
--------------enig24EB2B1DE3AF23AB1BA79D5D--
