[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #12766 [meek]: Disable TLSv1.1 and TLSv1.2 in the Firefox helper
#12766: Disable TLSv1.1 and TLSv1.2 in the Firefox helper
------------------------+----------------------------------
Reporter: dcf | Owner: dcf
Type: defect | Status: closed
Priority: normal | Milestone:
Component: meek | Version:
Resolution: fixed | Keywords: TorBrowserTeam201408
Actual Points: | Parent ID:
Points: |
------------------------+----------------------------------
Comment (by dcf):
Replying to [comment:4 mikeperry]:
> Hrmm. I think you probably want to blend in with Firefox 31 regardless.
It is more common than FF24ESR. Though, I'm not sure if
security.tls.version.max=3 looked like Firefox 31 if it was done from a
Firefox 24 build. It may not.
It's a nice idea, but the ciphersuites, at least, offered by Firefox 31
are different than those offered by 24:
* https://bugzilla.mozilla.org/show_bug.cgi?id=936828
* https://bugzilla.mozilla.org/show_bug.cgi?id=946147#c1 amusing followup
about broken servers ignoring the MSB of the ciphersuite ID
See https://www.ssllabs.com/ssltest/viewMyClient.html for an online test.
I don't think we'll win in the long run making Firefox try to look like
anything other than its true version; there are too many dead-parrot
issues. Firefox 24 is less common than Firefox 31, but Firefox 24
ciphersuites with TLSv1.2 is likely to be less common than both.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12766#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs