[tor-bugs] #11253 [Firefox Patch Issues]: Turn on TLS 1.1 and 1.2 in TorBrowser

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Mar 20 17:05:48 UTC 2014

#11253: Turn on TLS 1.1 and 1.2 in TorBrowser
 Reporter:  YunoTLS                              |          Owner:
     Type:  enhancement                          |  mikeperry
 Priority:  critical                             |         Status:  new
Component:  Firefox Patch Issues                 |      Milestone:
 Keywords:  TLS, SSL, security, privacy,         |        Version:
  TorBrowser                                     |  Actual Points:
Parent ID:                                       |         Points:
 TLS 1.1 and TLS 1.2 support is already implemented in FF 24 ESR, but for
 some unknown reason Mozilla haven't truned it on by default, even though
 TLS 1.1 and 1.2 is supported by Chrome, IE, Opera, and FF stable (the non-
 ESR version).
 Thru about:config, search for security.tls.version.max and replace 1 with
 3 and that's it.
 Note we're not disabling SSL 3.0 so no sites at all will be broken.
 The reasons and benefits for enaling TLS 1.1 and 1.2 are obvious and self-
 evident, including
 -higher security for encrypted traffic to websites leaving Tor exit nodes
 -Making the said traffic ubove resistant to cryptanalysis and sniffing
 There are no draw backs from this upgrade because SSL 3.0 will not be
 disbaled and hence websites not supporting TLS 1.1 and 1.2 will not be
 broken and will function as normal.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11253>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list