TLS Client Hello Mirror https://tlsprivacy.nervuri.net/

Go to file

nervuri 02666e2997 don't log "extension data not read"		2023-05-12 12:50:13 +00:00
.reuse	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
LICENSES	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
clienthello	don't log "extension data not read"	2023-05-12 12:50:13 +00:00
.gitignore	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
DOC.md	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
INSTALL.md	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
LICENSE.txt	change license to BSD-3-Clause; ensure REUSE compliance	2023-04-03 10:49:30 +00:00
Makefile	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
README.md	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
drop_privileges.go	change license to BSD-3-Clause; ensure REUSE compliance	2023-04-03 10:49:30 +00:00
go.mod	change license to BSD-3-Clause; ensure REUSE compliance	2023-04-03 10:49:30 +00:00
go.sum	add go.mod and go.sum	2023-01-31 11:27:50 +00:00
index.gmi	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
index.html	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
request.go	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00
response.go	change license to BSD-3-Clause; ensure REUSE compliance	2023-04-03 10:49:30 +00:00
server.go	reorganize code, add json/v2 endpoint and API doc	2023-04-30 16:27:55 +00:00

README.md

TLS Client Hello Mirror

This test:

reflects the complete Client Hello message, preserving the order in which TLS parameters and extensions are sent;
can be used to check for TLS privacy pitfalls (session resumption, TLS fingerprinting, system time exposure);
supports both HTTP and Gemini on the same port;
is free as in freedom and trivial to self-host.

Installation

See INSTALL.md.

API documentation

This test exposes two JSON endpoints: /json/v1 (basic) and /json/v2 (detailed). See DOC.md for details.

Roadmap

HTML & gemtext front-end
detect client vulnerability to session prolongation attacks
support early data / 0-RTT (Go's crypto/tls library currently does not)
support sessionID-based resumption (Go's crypto/tls library currently does not)

Contributing

This project is hosted at tildegit.org. If you don't want to make an account, just shoot me an email with your patch / suggestion / bug report / whatever else.