[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Compatibility issue with OpenSSL 1.1.1a
On Sat, Dec 1, 2018 at 8:40 PM Paul <paul@xxxxxxxxxxxxx> wrote:
>
> I have run into this issue just now and iam curious if i can "just"
> downgrade back or if there is any other way to workaround?
>
I think that it's okay to downgrade to 1.1.1 for Tor's purposes: the
two security vulnerabilities fixed in 1.1.1a are about DSA and ECDSA,
which Tor doesn't use. Also, you could use 1.1.0j if you prefer
something patched.
> How does this affect my relay? Will it still be useable?
It will be usable by anybody connecting to it with TLS up to 1.2, and
by clients using TLS 1.3. Connections between your relay and other
relays will fail if you are both upgraded to TLS 1.3.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays