[tor-commits] [torspec/master] Remove 3DES as a required suite; add the minimal AES one.

nickm at torproject.org nickm at torproject.org
Tue Sep 13 12:55:01 UTC 2016


commit e22c36fb77f0c780fc532df1e54cebc8676190b3
Author: Nick Mathewson <nickm at torproject.org>
Date:   Mon Sep 5 14:10:48 2016 -0400

    Remove 3DES as a required suite; add the minimal AES one.
---
 tor-spec.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tor-spec.txt b/tor-spec.txt
index e85634d..ba9782f 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -182,8 +182,8 @@ see tor-design.pdf.
    Connections between two Tor relays, or between a client and a relay,
    use TLS/SSLv3 for link authentication and encryption.  All
    implementations MUST support the SSLv3 ciphersuite
-   "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", and SHOULD support the TLS
-   ciphersuite "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" if it is available.
+   "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" if it is available. They SHOULD
+   support better ciphersuites if available.
 
    There are three ways to perform TLS handshakes with a Tor server.  In
    the first way, "certificates-up-front", both the initiator and





More information about the tor-commits mailing list