[tbb-bugs] #29252 [Applications/Tor Browser]: Don't disable TLS 1.3 for update checks
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jan 31 19:52:31 UTC 2019
#29252: Don't disable TLS 1.3 for update checks
------------------------------------------+----------------------
Reporter: gk | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
When constructing the request for the `update.xml` file TLS 1.3 is
disabled:
{{{
// Disable cutting edge features, like TLS 1.3, where middleboxes
might brick us
this._request.channel.QueryInterface(Ci.nsIHttpChannelInternal).beConservative
= true;
}}}
The tests on the Internet maintain that the machines behind aus1 do not
support TLS 1.3 (weasel tells me our machines behind aus1 *do* support TLS
1.3). Be that as it may, we should offer TLS 1.3. (This got mentioned as
part of BLRG-PT-18-007 in the Firefox updater audit
(https://bugzilla.mozilla.org/attachment.cgi?id=8985197) as well).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29252>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list