[tor-bugs] #9364 [TorBrowserButton]: Enabling only RSA and Elliptic Curve Diffie–Hellman key exchange (ECDHE)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 31 18:02:43 UTC 2013
#9364: Enabling only RSA and Elliptic Curve Diffie–Hellman key exchange (ECDHE)
-------------------------------------------------------+--------------------
Reporter: VladimirTimoshkin60 | Owner: mikeperry
Type: enhancement | Status: new
Priority: major | Milestone:
Component: TorBrowserButton | Version:
Keywords: Cipher, ECDHE, RSA, HTTPS, encryption, DH | Parent: #9345
Points: | Actualpoints:
-------------------------------------------------------+--------------------
How:
go to about:config
search "SSL3"
Among what you see are the key exchange protocols
double click on DH protocols and leave ECDHE and RSA intact.
Result:
-Forcing secure websites to use either RSA or ECDHE for key exchange (the
most secure key exchange protocols)
-Disabling Diffie-Hellman key exchange protocol (considered less secure
than those mentioned above).
PS: ECDHE is even more secure than RSA, so you might want to consider
disabling RSA too.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9364>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list