Re: [tor-bugs] #18129 [Tor Messenger]: Investigate chosen ciphersuite

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#18129: Investigate chosen ciphersuite
---------------------------+---------------------
 Reporter:  arlolra        |          Owner:
     Type:  defect         |         Status:  new
 Priority:  High           |      Milestone:
Component:  Tor Messenger  |        Version:
 Severity:  Normal         |     Resolution:
 Keywords:                 |  Actual Points:
Parent ID:                 |         Points:
  Sponsor:                 |
---------------------------+---------------------

Comment (by bugzilla):

 > That would be #18002.
 That would be great to fix #18002 ;)
 > Thanks but they aren't necessarily using the same TLS terminator for
 webchat as the IRC server.
 Of course. But the probability is high.
 > is there any way to change the SSL/TLS that Tor Messenger uses?
 Yes, but downgrade only. Auto-negotiation selects most strong cipher suite
 of both sides. Server is usually a bottleneck.
 > TLSv1.2 AES128-SHA-128
 SHA is bad, does Tor Messenger offer SHA-2?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18129#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs