[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #11154 [Applications/Tor Browser]: Disable TLS 1.0 (and 1.1) by default (was: Tor TLS and Security Cipher)

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #11154 [Applications/Tor Browser]: Disable TLS 1.0 (and 1.1) by default (was: Tor TLS and Security Cipher)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 17 Jan 2020 09:00:21 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 17 Jan 2020 04:00:36 -0500
In-reply-to: <048.ec991795e1a0e7557e2ec456913ec9c5@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <048.ec991795e1a0e7557e2ec456913ec9c5@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, blackhole@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#11154: Disable TLS 1.0 (and 1.1) by default
--------------------------------------+--------------------------
 Reporter:  ZeroCool                  |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  ff78-esr-will-have        |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------
Changes (by gk):

 * keywords:  needs-triage => ff78-esr-will-have


Comment:

 We have everything this bug complains about apart from the tls min
 version. However, a fix for that landed recently: https://hg.mozilla.org
 /mozilla-central/rev/1d07ac23cc5a, so it seems Mozilla is confident this
 sticks and is not impacting usability too much. We could probably think
 about backporting that fix into our alpha series. Dunno what the real
 browser devs think about that, though. :)

 Either way, this will be fixed in esr78.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11154#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #32933 [Webpages/Website]: Please adapt GeKo's core people entry
Next by Author: Re: [tor-bugs] #32457 [Internal Services/Tor Sysadmin Team]: Give cohosh and phw access to gettor-01
Previous by thread: Re: [tor-bugs] #10952 [Applications/Tor Browser]: Tor Browser leaves developer windows open after New Identity
Next by thread: Re: [tor-bugs] #11294 [Applications/Tor Browser]: Users are not able to log into https://unseen.is
Index(es):
- Author
- Thread