You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
此前的SS2022和VMESS,最大問題是所有流量都加密。在沒有AC電源的手機/筆記本電腦上面,使用SS2022或VMESS,耗電很快。(我做過測試,如果有預算上軟路由Wi-Fi + OpenWRT + Clash,那麼比使用SS2022/VMESS客戶端省電很多,但此舉僅限在家中)
XTLS-RPRX-VISION的設計是,對於隧道裡的TLS1.3封包,不進行二次加密,只修改SNI,但XTLS-RPRX-VISION也只支持代理TCP封包。
希望XTLS-RPRX-VISION-UDP443這個設定檔能做出改進,或者另起XTLS-RPRX-VISION-UDP設定檔:代理所有UDP封包(而不只是代理UDP 443),但對於DTLS1.3、QUIC封包,則不進行二次加密,並偽裝成TLS1.3封包。因為現階段許多遊戲、串流使用了DTLS和QUIC。對於DTLS1.2封包,如果該封包包含未加密的Server Certificate,則對該封包進行加密傳輸;如果該封包不包含Server Certificate,則不對該封包進行二次加密。對於脆弱的DTLS1.0-DTLS1.1封包,則一概進行加密傳輸。
同時,希望XTLS-RPRX-VISION做出如下改進:對於TLS1.2封包,如果該封包包含未加密的Server Certificate,則對該封包進行加密傳輸;如果該封包不包含Server Certificate,則不對該封包進行二次加密。因為大部分時候,TLS1.2封包並不包含Server Certificate,除非進行Server-Client Hello,或者進行Rekey。對於脆弱的SSL1.0-TLS1.1封包,則一概進行加密傳輸。
Beta Was this translation helpful? Give feedback.
All reactions