[tor-dev] Is it time to drop support for the v1/v2 protos?
Tom van der Woerdt
info at tvdw.eu
Sat Dec 27 14:38:28 UTC 2014
After reading the Tor spec  I did some digging and realized that the
old handshakes and link protocols (v1 (certs up-front) and v2
(renegotiation)) are not used anymore as of 0.2.3.6-alpha which
introduced link proto v3.
Supporting v1 and v2 requires (among other things) supporting SSLv3
which (imho) should be deprecated everywhere.
This makes me wonder why Tor still supports these: is it for
compatibility with even older versions (consensus health says no) or are
there other reasons? If someone were to invest a couple of hours and
remove all support for them from the Tor code and the Tor spec, would
this hurt the network or would it be a welcome patch?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3729 bytes
Desc: S/MIME-cryptografische ondertekening
More information about the tor-dev