[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #11528 [Tor]: Consider using âSSL_OP_CIPHER_SERVER_PREFERENCE
#11528: Consider using âSSL_OP_CIPHER_SERVER_PREFERENCE
------------------------+----------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-relay tls 024-backport
Actual Points: | Parent ID:
Points: |
------------------------+----------------------------------------
Comment (by nickm):
Here are the ciphers that appear on the current client and server lists,
sorted by client preference order:
{{{
XCIPHER(0xc02f, TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
XCIPHER(0xc013, TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA)
XCIPHER(0xc014, TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA)
XCIPHER(0xc012, TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA)
XCIPHER(0x0033, TLS1_TXT_DHE_RSA_WITH_AES_128_SHA)
XCIPHER(0x0039, TLS1_TXT_DHE_RSA_WITH_AES_256_SHA)
XCIPHER(0x0016, SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA)
}}}
Here are the ciphers that appear on the old client and current server
lists, sorted by client preference order:
{{{
XCIPHER(0xc014, TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA)
XCIPHER(0x0039, TLS1_TXT_DHE_RSA_WITH_AES_256_SHA)
XCIPHER(0xc013, TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA)
XCIPHER(0x0033, TLS1_TXT_DHE_RSA_WITH_AES_128_SHA)
XCIPHER(0xc012, TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA)
XCIPHER(0x0016, SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA)
}}}
(I'm only considering the new server list from #11513, since we wouldn't
merge a patch for this to any series without also merging #11513 .)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11528#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs