Why we need this protocol?
This is a concise and clear "Any in TLS" proxy protocol. This means you can ship anything on top of TLS without having to worry about firewalls identifying it due to some side-channel leak. It provides functions for modifying packet length characteristics, which are not available in previous protocols.
It is well known that simpler protocols, such as Trojan, are already fully recognized by the GFW due to the side-channel leak so-called "TLS in TLS problem". Even with multiplexing or hard-coded padding, it still produce very fixed packet length characteristics (when you carry TLS on it).
We also took the handshake RTT into consideration, so we implemented connection reuse, but it is not like sing-mux or other earlier mux, because it only carries one stream on a single connection at the same time, so there is no head-of-line blocking problem.
All in all, this is a protocol with clear semantics, forward-looking design, and excellent performance. (...)
