[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Preferred OpenSSL config for Tor?

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] Preferred OpenSSL config for Tor?
From: "Steve Snyder" <swsnyder@xxxxxxxxxxxxx>
Date: Tue, 16 Sep 2014 11:08:14 -0400 (EDT)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 16 Sep 2014 11:16:45 -0400
Importance: Normal
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

What are the recommended build options for OpenSSL 1.0.1x when building it for use with Tor v0.2.5.x?

Put another way, what default OpenSSL features (ciphers, etc.) should be disabled and what optional features should be enabled?

My goal here is to build a Tor-oriented OpenSSL, one that dispenses with features Tor doesn't need/use while enabling those that improve security and/or performance.

Thanks.



_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Preferred OpenSSL config for Tor?
  - From: Zack Weinberg

Prev by Author: Re: [tor-dev] Responsible disclosure
Next by Author: Re: [tor-dev] Scaling tor for a global population
Previous by thread: Re: [tor-dev] Guardiness: Yet another external dirauth script
Next by thread: Re: [tor-dev] Preferred OpenSSL config for Tor?
Index(es):
- Author
- Thread