[tor-bugs] #18129 [Tor Messenger]: Investigate chosen ciphersuite
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Jan 23 02:17:36 UTC 2016
#18129: Investigate chosen ciphersuite
---------------------------+---------------------
Reporter: arlolra | Owner:
Type: defect | Status: new
Priority: High | Milestone:
Component: Tor Messenger | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
---------------------------+---------------------
Comment (by arlolra):
It's been suggested that the server doesn't do server side ordering, so
whatever the client presents first gets picked, meaning Instantbird is
ordered to use AES128-SHA-128 first :(
`openssl s_client -cipher 'AES128-GCM-SHA256:AES256-GCM-SHA384' -connect
irc.oftc.net:6697`
=> AES128-GCM-SHA256
`openssl s_client -cipher 'AES256-GCM-SHA384:AES128-GCM-SHA256' -connect
irc.oftc.net:6697`
=> AES256-GCM-SHA384
Next step is to record the client hello in wireshark to see what it's
presenting, to be sure. And then figure out why ...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18129#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list