[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] time to disable 3DES?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] time to disable 3DES?
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Mon, 7 Oct 2013 16:49:35 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 07 Oct 2013 16:56:36 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=kfb9Y7ZjxBmx2dKmCgnV9falssaJlBYuF66Yx9v5k78=; b=AEgAm+JGi76H1b343RBKSGw9P+0qoc0fj+t1GoqtDH/oLQUN6gpM5A8i8mbtljyywE htXmu3+Hqnq6xRTTogrdBiMOKYhIr5k4CKW/DkzpXRSImXtECvB/rnAzGNroxhNuKyL6 XCdJfEJIFlRaWkiC6ssH7UKH/rpNI2/+ZF5fXk/CSopC67Ey31dBziUDnNFg2cNtp9Qz JXSFbLvEHFman9YUDkdiY5C2cJ09QMDdRQCOHEeUvmkm4FIdw599Kb8ker7tptAIUmuR L/VAPCA+qa+DIxnXTyWbCSOcCTCkfcBfeqr+Hf7Wgcny3vLvjIgLK6qtCAebz6FFVmao xvuQ==
In-reply-to: <CAD8GWssFe1e9tUuxe7Q9p+d5KNPF+eOZxO2hWU9N3=v1AVujwg@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAD8GWssFe1e9tUuxe7Q9p+d5KNPF+eOZxO2hWU9N3=v1AVujwg@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Mon, Oct 7, 2013 at 3:58 PM, Lee <ler762@xxxxxxxxx> wrote:
> Isn't it time to quit using DES?
>
> Finally gave TBB a try (version 2.3.25-13), seems to me that the
> firefox component needs a lot of hardening.
>
> https://www.mikestoolbox.org/

This may be a function of the crypto library on your box (if dynamic),
rather than the supplied firefox itself (which it would be if static).
I don't have TBB handy.

printf 'GET / HTTP/1.0\n\n' \
 | openssl_101e s_client -connect www.mikestoolbox.org:https -ign_eof
 DHE-RSA-AES256-SHA256

0.9.8x: DHE-RSA-AES256-SHA

And that particular toolbox doesn't seem to support certain suites, ie:
ECDHE-RSA-AES256-GCM-SHA384: handshake failure

> Client Cipher Suites:

3DES is probably not least of note as all posted were SHA1 or lesser.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] time to disable 3DES?
  - From: Lee

References:
- [tor-talk] time to disable 3DES?
  - From: Lee

Prev by Author: Re: [tor-talk] Simple Question
Next by Author: [tor-talk] Guard failing very large number of circuits
Previous by thread: [tor-talk] time to disable 3DES?
Next by thread: Re: [tor-talk] time to disable 3DES?
Index(es):
- Author
- Thread