[tor-bugs] #8420 [TorBirdy]: Opt-out from TLS-specific settings
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 6 23:51:21 UTC 2013
#8420: Opt-out from TLS-specific settings
-------------------------+--------------------------------------------------
Reporter: sukhbir | Owner: ioerror
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: TorBirdy | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
We should have an opt-out from the following TLS settings:
"security.ssl.require_safe_negotiation"
"security.ssl.treat_unsafe_negotiation_as_broken"
Even though this is not such a good idea, but many servers do not support
TLS with secure renegotiation (or are using an older version of the
protocol), and because we are enforcing this setting, some users are not
able to use TorBirdy at all.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8420>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list