[tbb-bugs] #17374 [Tor Browser]: Disable 1024-DH Encryption by default
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Nov 8 10:00:09 UTC 2015
#17374: Disable 1024-DH Encryption by default
-------------------------+--------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: High | Milestone:
Component: Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
-------------------------+--------------------------
Comment (by cypherpunks):
Replying to [comment:3 yawning]:
> What is suggested will force correct behavior in the latter case, at the
expense of not being able to connect at all to servers exhibiting the
former behavior. This is a usability vs security tradeoff, and my concern
would be that people fall back to plain http when they can't reach a site
over https (No crypto vs theoretically/speculatively weak crypto).
Are there any estimates on how many servers (and which) use the weaker
encryption by default? If it is only a small portion (and no major sites,
only obscure rarely visited ones), I'm sure the security tradeoff is very
much worth it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17374#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list