On Wed, Jan 03, 2007 at 02:48:03PM -0500, chris@xxxxxxxxxxxx wrote: > I'm curious about need to specify 2 TLS ciphersuites in the spec... > > All implementations MUST support > the TLS ciphersuite "TLS_EDH_RSA_WITH_DES_192_CBC3_SHA", and SHOULD > support "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" if it is available > > Is the problem that we can't assume every TLS implentation is using strong > enough encryption? The problem is that when we started writing Tor, not every version of OpenSSL in the wild supported AES. I believe AES was first supported in 0.9.7; it's still pretty common to find people running operating systems with OpenSSL 0.9.6 or earlier. > It is a shame Tor must worry about these low level details > of TLS. > > Why can't we just say everyone MUST use > "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" and be done with it? Because it isn't nice to break compatibility gratuitously just to save a couple of lines of code. > (This isn't a fault of Tor but I'm bugged TLS allowed weak ciphersuites such > that Tor must demand they NOT be used.) Alas, my time machine is broken; going back in time and arguing with the SSL developers is not an option. :) yrs, -- Nick Mathewson
Attachment:
pgpSBv5X6BsDb.pgp
Description: PGP signature