[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #8420 [TorBirdy]: Opt-out from TLS-specific settings

To: undisclosed-recipients:;
Subject: [tor-bugs] #8420 [TorBirdy]: Opt-out from TLS-specific settings
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 06 Mar 2013 23:51:21 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 06 Mar 2013 18:51:30 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#8420: Opt-out from TLS-specific settings
-------------------------+--------------------------------------------------
 Reporter:  sukhbir      |          Owner:  ioerror
     Type:  enhancement  |         Status:  new    
 Priority:  normal       |      Milestone:         
Component:  TorBirdy     |        Version:         
 Keywords:               |         Parent:         
   Points:               |   Actualpoints:         
-------------------------+--------------------------------------------------
 We should have an opt-out from the following TLS settings:

 "security.ssl.require_safe_negotiation"
 "security.ssl.treat_unsafe_negotiation_as_broken"

 Even though this is not such a good idea, but many servers do not support
 TLS with secure renegotiation (or are using an older version of the
 protocol), and because we are enforcing this setting, some users are not
 able to use TorBirdy at all.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8420>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #8420 [TorBirdy]: Opt-out from TLS-specific settings
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #8400 [TorBrowserButton]: Torbutton's browsing history pref seems to require restart
Next by Author: [tor-bugs] #8421 [Firefox Patch Issues]: Audit App Cache for third party isolation
Previous by thread: Re: [tor-bugs] #8349 [EFF-HTTPS Everywhere]: CSS and images on sourceforge.jp are not loaded properly
Next by thread: Re: [tor-bugs] #8420 [TorBirdy]: Opt-out from TLS-specific settings
Index(es):
- Author
- Thread