[tor-bugs] #20751 [Applications/TorBirdy]: enforce stronger ciphers in torbirdy

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 13 09:31:14 UTC 2017


#20751: enforce stronger ciphers in torbirdy
-------------------------------------------------+-------------------------
 Reporter:  cypherpunks                          |          Owner:  sukhbir
     Type:  enhancement                          |         Status:  new
 Priority:  Low                                  |      Milestone:
Component:  Applications/TorBirdy                |        Version:
 Severity:  Minor                                |     Resolution:
 Keywords:  torbirdy, thunderbird,               |  Actual Points:
  TorBirdy0.2.2                                  |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by sukhbir):

 Replying to [comment:2 Diapolo]:
 > I'd like to support the idea of better and safer defaults!
 >
 > {{{
 > "security.tls.version.min": 1,
 > "security.tls.version.max": 3,
 > }}}
 >
 > I'm able to use 3, 3 and would also be able to use 3, 4 if Thunderbird
 supports TLS 1.3, so it's bad that these are getting overwritten ;).

 I am thinking of going with:

 {{{
 "security.tls.version.min": 3,
 "security.tls.version.max": 3,
 }}}

 And then have an opt-out if this breaks some mail providers, with the
 preferences (set via TorBirdy's preferences dialog):

 {{{
 "security.tls.version.min": 1,
 "security.tls.version.max": 3,
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20751#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list