On Thu, 28 Jan 2016 18:05:51 +0100 Tim Kuijsten <info@xxxxxxxxxx> wrote: > > It's also worth noting that newer (0.2.7.x) versions of Tor should > > not be doing DHE except when talking to old versions of Tor, linked > > against old versions of OpenSSL as ECDH is both mandatory and > > preferred in the current stable series. > > Is ECDH currently mandatory or did you mean ECDHE? Yes. It uses ECDH with Ephemeral keys. Really, unless you vendor's OpenSSL library is doing something Really Silly, or is ancient, this will Do The Right Thing (TM). -- Yawning Angel [0]: Bow before your new NIST overlords, etc.
Attachment:
pgphu_96xAHey.pgp
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev