Replies: 1 comment
-
|
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
RPRX
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi! @RPRX
So I use VLESS + XHTTP + TLS on CF CDN and when I use PQ encryption, my config latency increases about 2 times, like from 100ms to 220ms, and seems my SNI get interrupted. I say it because I was just fine before using PQ but after that, firewall acts different. the question is:
What is the benefit of using PQ encryption with TLS? Isn't TLS 1.3 already enough? the extra handshake which results in latency increase is disturbing. I understand the other use of encryption like in non TLS formats or the replacement of VMESS philosofy, but what is the other advantage for me (the normal user) of using it? Am I wrong to use TLS and PQ encryption together?
About firewall acting weird problem, Does the new update and the way I'm using PQ the cause of problem? because the normal TLS config doesn't have it, once I use PQ encryption with it, it seems my SNI (the exact same SNI I've been using for couple of years) got throttled, almost like when using fragment. in other terms: Does it encrypt the SNI address from firewall too? because if it does, thats the problem part for me.
I've read the doc stating it's recommended to turn on XTLS to avoid secondary encryption and decryption. How can I achieve that and what do you mean by "turning it on"? Am I using it correctly in my setup? the VLESS XHTTP TLS format? because if it's about using Vision flow, it can not be used with CDNs.
I hope I made my point explaining the issues, My client and server are on Xray Core 25.8.31 (I know there is newer versions, But It's the latest we got on iOS right now).
Thanks for your efforts, Cheers!
Beta Was this translation helpful? Give feedback.
All reactions