[tor-relays] relay's count handshake versions, why not TLS handshake types?
s7r at sky-ip.org
Sun Aug 2 17:01:16 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
I think that is to maintain a backward compatibility. Tor tries as
hard as possible to maintain backward compatibility with older
versions, unless something critical which requires deprecation
regardless some relays will disappear from the consensus.
I guess this is the reason we currently prefer ECDHE but do not reject
DHE. In the future, when we are certain everyone upgraded to new
enough OpenSSL, we can safely reject DHE all the time.
On 8/2/2015 6:57 PM, starlight.2015q2 at binnacle.cx wrote:
> At 08:26 8/2/2015 -0700, you wrote:
>> It also may not tell you their ordering preference (but it might!
>> again, you'd have to look at the code.)
> That "openssl s_client" test I ran was against my 0.2.6.10 with
> openssl 1.0.2 relay.
> It's certain that ECDHE is preferred over DHE, but my thought is
> that, especially with 0.2.7 dropping openssl 0.9.8 (no ECDHE), that
> relays should refuse to accept DHE connections entirely.
> We've seen many downgrade attacks and who knows for certain if none
> remain buried in the openssl? Seems prudent to kill-off DHE.
> _______________________________________________ tor-relays mailing
> list tor-relays at lists.torproject.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
-----END PGP SIGNATURE-----
More information about the tor-relays