Hi all,After reading the Tor spec [1] I did some digging and realized that the old handshakes and link protocols (v1 (certs up-front) and v2 (renegotiation)) are not used anymore as of 0.2.3.6-alpha which introduced link proto v3.
Supporting v1 and v2 requires (among other things) supporting SSLv3 which (imho) should be deprecated everywhere.
This makes me wonder why Tor still supports these: is it for compatibility with even older versions (consensus health says no) or are there other reasons? If someone were to invest a couple of hours and remove all support for them from the Tor code and the Tor spec, would this hurt the network or would it be a welcome patch?
Tom [1] https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt
Attachment:
smime.p7s
Description: S/MIME-cryptografische ondertekening
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev