[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #27971 [- Select a component]: Still supports 1024 bit keys

To: undisclosed-recipients: ;
Subject: [tor-bugs] #27971 [- Select a component]: Still supports 1024 bit keys
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sun, 07 Oct 2018 12:21:28 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 07 Oct 2018 08:27:03 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#27971: Still supports 1024 bit keys
---------------------+--------------------------------------
 Reporter:  kroeckx  |          Owner:  (none)
     Type:  defect   |         Status:  new
 Priority:  Medium   |      Component:  - Select a component
  Version:           |       Severity:  Normal
 Keywords:           |  Actual Points:
Parent ID:           |         Points:
 Reviewer:           |        Sponsor:
---------------------+--------------------------------------
 The code still contains a 1024 bit DH key. If you still want to support
 DH, can I suggest you switch to a key from rfc7919?

 As far as I understand, since 0.2.4, ECDHE is prefered, and DHE shouldn't
 be used anymore. The 0.2.4 branch itself doesn't seem to be supported
 anymore.

 #27344 changed things so that 1024 bit DH keys will always be allowed, and
 only seems to be added to support very old hosts that are known to have
 several security issues.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27971>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #28136 [Metrics/Website]: OnionPerf graph handles missing data on 2018-10-01 in a weird way
Next by Author: [tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #28008, #28009, #28010, #28011, ...
Previous by thread: Re: [tor-bugs] #27441 [Applications/Tor Browser]: Update Debian Image to use Stretch
Next by thread: Re: [tor-bugs] #27971 [Core Tor/Tor]: Still supports 1024 bit keys
Index(es):
- Author
- Thread