Aside from SNI (which the article mentions HAS to be submitted in plaintext) you... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		afhof on June 18, 2012 \| parent \| context \| favorite \| on: Dissecting the SSL handshake Aside from SNI (which the article mentions HAS to be submitted in plaintext) you might be able to randomize the supported ciphers. Just like faking the User Agent String, you might be able to randomly select a cipher suite equal to that of another browser (and that your browser supports as well).

majke on June 18, 2012 [–]

Randomizing the ciphers is not a good idea. First, their order is significant - in theory the server should pick up the first it knows. Second, limiting supported ciphers inevitably may lead to incompatibility with some websites (as they may support only ciphers that were omitted).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact