Hi,

Are the "Use TLS" options (Network: Proxy: 3x TCP Tabs) superfluous when I have also set the Network: Connections: Incoming and Outgoing Peer Encryption options both to "Encrypted Only"?

And if my SOCKS5 provider doesn't provide TLS for any of the 3x Proxy TCP connection options, what will make sure that the connections remain encrypted only?

Or does a SOCKS5 proxy without any TLS support for TCP in combination with Tixati's "Encrypted Only" options set for both outgoing and Incoming Peer connections, refuse to connect to peers over TCP? Because no encrypted tunnel can be set?

And is there a way to test, through Tixati, the SOCKS5 proxy's TLS support for TCP? Are there any errors I should see if TLS isn't properly supported?

Thanks!

UPDATE: Note to self: Question to developers:
https://support.tixati.com/settings%20-%20network%20-%20connections

Does this mean that the torrent clients themselves handle the encryption part for the Outgoing and Incoming Peer Connections? It would make sense. That would als mean that IF the SOCKS5 proxy supports TLS and you enable it, you would get RC4 stream encryption over TLS, no?

Which leads to a new question: I always thought that an encrypted zip archive in an encrypted rar file would be double as hard to crack, hack or decrypt.
BUT math says the opposite: an extra layer of encryption does NOT make it safer, contrary: it opens one up to unexpected loopholes (hacks).

SO... Does that mean that for the BEST security... I should set Incoming and Outgoing Peer Connections' encryption to "Unencrypted Only" but then enable the TLS options for the SOCKS5 "TCP Peers" proxy settings to achieve the maximum security and privacy. Yes? No? :)

Regards!

These settings are only for the pipe between the application and the proxy server. You should set them to match the connection options provided by the administrator of your internal or external proxy server, otherwise they won't work.

The discussion of cryptography is irrelevant. It does not work in a manner you suppose. You should start from stating which connections might be snooped on, and by whom, and what are the possible outcomes for you, then decide how you need to protect from them, which data channel must be encrypted, and where it is optional.

In case of torrenting in a country that protects big business needs, you simply create an opaque tunnel to the outside location for everything. There is no need to reason about some layers or incorrectly apply academic discussions of mixing encryption methods (which assume same key or some kind of derivation or entanglement of key material which might have hidden properties).