Hacker News new | ask | show | jobs
by apatheticonion 1088 days ago
Given HTTPS traffic is mostly permitted, could one obfuscate VPN traffic over http/3 (which I believe is UDP)?
2 comments
netheril96 1088 days ago
Indeed a whole class of GFW bypassing tools are now based on masquerading as HTTPS. Trojan (TCP only), Vision (TCP only), Hysteria (UDP), just for some examples.
link
trallnag 1088 days ago
Could China implement a MitM proxy for HTTPS traffic like many companies do?
link
nikanj 1088 days ago
No.

Companies get around ssl issues by minting their own root CAs and configuring their workstations to trust them. China has no (technical) way of forcing you to trust their root CA

link
gruez 1088 days ago
>China has no (technical) way of forcing you to trust their root CA

That might be true, but "install our root CA or you can't access websites" would get most people to do it.

link