Oblivious HTTP
IETF network protocol From Wikipedia, the free encyclopedia
Oblivious HTTP (OHTTP) is an IETF network protocol intended to allow anonymous HTTP transactions over the Internet without revealing source IP addresses.[1] OHTTP is documented in RFC 9458, published in January 2024.[2] The RFC says "Oblivious HTTP is simpler and less costly than more robust systems, like Prio [PRIO] or Tor [DMS2004], which can provide stronger guarantees at higher operational costs."[2]
Mechanism
OHTTP uses a combination of message encryption and a double-proxy-relay setup, where the first proxy relay can see the source, but cannot see the destination of the encrypted message, and the second proxy can decrypt the message to forward it on to the destination, but cannot see the original source. All traffic between the source, destination and both proxies is carried over the HTTPS protocol to prevent third parties from analysing or intercepting the message contents.[3]
Since neither relay, nor any third party, simultaneously knows both the source and destination address for a transaction, the operators of both relays would have to collude in order to cross-correlate messages and recover the source address; if either one of the relay operators is trustworthy, privacy is preserved. However, if both relay operators collude, the security of OHTTP is compromised.[4]
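The split of knowledge described above can be modelled in a few lines. This is an added example, not part of the article or of any OHTTP implementation: the encryption is a toy stand-in for the HPKE scheme that RFC 9458 actually uses and is not secure, and all names, addresses and the log format are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Toy stand-in for the real public-key encryption (RFC 9458 uses HPKE). NOT secure.
P, G = 2**255 - 19, 2          # toy Diffie-Hellman group (assumption)
RELAY_IP = "198.51.100.7"      # constructed address of the first relay

def _stream(key, n):
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _key(shared):
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def keygen():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def seal(pub, plaintext):
    """Client: encrypt so that only the holder of the second relay's key can read it."""
    eph, enc = keygen()
    key = _key(pow(pub, eph, P))
    ct = _xor(plaintext, _stream(key, len(plaintext)))
    return enc.to_bytes(32, "big") + hmac.new(key, ct, hashlib.sha256).digest() + ct

def unseal(priv, blob):
    """Second relay: recover the request; raises if the message was altered."""
    key = _key(pow(int.from_bytes(blob[:32], "big"), priv, P))
    tag, ct = blob[32:64], blob[64:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return _xor(ct, _stream(key, len(ct)))

def exchange(client_ip, request, priv, pub):
    """Return what each hop is able to log for one transaction."""
    blob = seal(pub, request)
    msg_id = hashlib.sha256(blob).hexdigest()
    first = {"peer": client_ip, "msg": msg_id, "readable": None}   # sees source only
    second = {"peer": RELAY_IP, "msg": msg_id, "readable": unseal(priv, blob)}
    return first, second, blob

def collude(first_logs, second_logs):
    """Only a join across BOTH operators' logs links a source to a request."""
    by_msg = {e["msg"]: e["peer"] for e in first_logs}
    return [(by_msg[e["msg"]], e["readable"]) for e in second_logs if e["msg"] in by_msg]
```

With only one of the two logs, `collude` returns nothing, which is the "either operator trustworthy" condition in the text.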
Deployment
Cloudflare's Privacy Gateway, released in 2022, is an OHTTP service.[4]
Google contracted with Fastly in 2023 to provide Google with an OHTTP relay to implement its experimental anonymous advertising technology.[5][6] Google also uses a Fastly OHTTP relay as part of its Google Safe Browsing service.[7][8]
In 2023, Mozilla started using Fastly's OHTTP service as part of collecting Firefox performance metrics without identifying information about individual users.[9]
Apple states that its Enhanced Visual Search uses OHTTP as part of its anonymization strategy.[10] Apple published support for OHTTP for its Swift programming language in 2024.[11]
Related work
The Oblivious DNS over HTTPS (ODoH) protocol carries DNS over HTTPS (DoH) traffic.[3]
References