[tor-bugs] #3972 [Tor Relay]: Implement proposal 179: TLS certificate and handshake normalization

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Sat Oct 8 06:26:22 UTC 2011


#3972: Implement proposal 179: TLS certificate and handshake normalization
--------------------------+-------------------------------------------------
 Reporter:  ioerror       |          Owner:                    
     Type:  defect        |         Status:  new               
 Priority:  major         |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Relay     |        Version:  Tor: unspecified  
 Keywords:  needs_review  |         Parent:                    
   Points:                |   Actualpoints:                    
--------------------------+-------------------------------------------------

Comment(by ioerror):

 Nick - If you read this report (
 https://www.ssllabs.com/ssldb/analyze.html?d=www%2etorproject%2eorg&s=38%2e229%2e70%2e46
 ) - I see that our website uses a 2048-bit RSA key and the DH is 1024-bit.
 Eg: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)   DH 1024 bits (p: 128, g: 1,
 Ys: 128)

 What happens if we crank up the DH parameter to be dynamic and 2048-bits?
 Seems like we'll perhaps stick out, eh?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3972#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list