Iran blocking essentially all encyrpted protocols

Alan Clegg alan at clegg.com
Sat Feb 11 16:56:52 CST 2012


On 2/11/2012 4:50 PM, Richard Barnes wrote:
> FWIW: A colleague in Iran was able to connect to a server in the US
> using HTTPS on a non-standard port (9999).  It appears that the
> Iranian government is not blocking TLS/HTTPS per se, but just port
> 443.  So in principle, if there were just some HTTPS proxies using
> non-standard ports, then people would be able to get out.  At least
> until (1) the addresses of the proxies become known to the regime, or
> (2) they start blocking cross-border TLS altogether.

Or applications (and providers) knew how to use SRV records...

AlanC
-- 
alan at clegg.com | 1.919.355.8851

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20120211/900bae32/attachment.bin>


More information about the NANOG mailing list