[tor-dev] Tor not affected by recent openssl security advisories

Tim Kuijsten info at netsend.nl
Thu Jan 28 17:05:51 UTC 2016

> It's also worth noting that newer (0.2.7.x) versions of Tor should not
> be doing DHE except when talking to old versions of Tor, linked
> against old versions of OpenSSL as ECDH is both mandatory and preferred
> in the current stable series.

Is ECDH currently mandatory or did you mean ECDHE?

More information about the tor-dev mailing list