[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] time to disable 3DES?



On Mon, Oct 7, 2013 at 3:58 PM, Lee <ler762@xxxxxxxxx> wrote:
> Isn't it time to quit using DES?
>
> Finally gave TBB a try (version 2.3.25-13), seems to me that the
> firefox component needs a lot of hardening.
>
> https://www.mikestoolbox.org/

This may be a function of the crypto library on your box (if dynamic),
rather than the supplied firefox itself (which it would be if static).
I don't have TBB handy.

printf 'GET / HTTP/1.0\n\n' \
 | openssl_101e s_client -connect www.mikestoolbox.org:https -ign_eof
 DHE-RSA-AES256-SHA256

0.9.8x: DHE-RSA-AES256-SHA

And that particular toolbox doesn't seem to support certain suites, ie:
ECDHE-RSA-AES256-GCM-SHA384: handshake failure

> Client Cipher Suites:

3DES is probably not least of note as all posted were SHA1 or lesser.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk