[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #27848 [Applications/Tor Browser]: Cloudflare consistently displays captcha for TorBrowser 8.0.1 but not for 8.0.0

#27848: Cloudflare consistently displays captcha for TorBrowser 8.0.1 but not for
8.0.0
--------------------------------------+-----------------------------------
 Reporter:  cypherpunks_reply         |          Owner:  tbb-team
     Type:  defect                    |         Status:  needs_information
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+-----------------------------------
Changes (by traumschule):

 * cc: mahrud (added)
 * status:  new => needs_information


Comment:

 Cloudflare is all for TLS 1.3, so why the captcha?
 ----
 A Detailed Look at RFC 8446 (a.k.a. TLS 1.3) 10 Aug 2018 by Nick Sullivan
 https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
 > TLS 1.3 is a modern security protocol built with modern tools like
 formal analysis that retains its backwards compatibility. It has been
 tested widely and iterated upon using real world deployment data. It’s a
 cleaner, faster, and more secure protocol ready to become the de facto
 two-party encryption protocol online. Draft 28 of TLS 1.3 is enabled by
 default for all Cloudflare customers, and we will be rolling out the final
 version soon.
 > Publishing TLS 1.3 is a huge accomplishment. It is one the best recent
 examples of how it is possible to take 20 years of deployed legacy code
 and change it on the fly, resulting in a better internet for everyone. TLS
 1.3 has been debated and analyzed for the last three years and it’s now
 ready for prime time. Welcome, RFC 8446.
 ----
 FIXED in Firefox 52: CloudFlare triggers unsafe negotiation warning with
 TLS 1.3
 https://bugzilla.mozilla.org/show_bug.cgi?id=1305561

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27848#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs