[tor-talk] POODLE ATTACK - eugeni.torproject.org

isis isis at torproject.org
Sun Nov 2 20:23:39 UTC 2014

elrippo transcribed 6.0K bytes:
> Dear admins of eugeni.torproject.org
> Could you be so kind to update your system so it sends messages encrypted.
> Since i updated my system, your server doesn't have the proper cipher suites to negotiate a TLS handshake.

It's unclear what you're asking for, but Eungeni does send emails over
encrypted connections, see #10989. [0]  To my knowledge, it is also not
vulnerable to the POODLE attack, and it does support TLS_FALLBACK_SCSV (at
least, for the webserver). [1]  If you have more detailed information, we'd
be glad to hear it.

[0]: https://trac.torproject.org/projects/tor/ticket/10989#comment:5
[1]: https://www.ssllabs.com/ssltest/analyze.html?d=eugeni.torproject.org
 ♥Ⓐ isis agora lovecruft
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1154 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20141102/fdef6100/attachment.sig>

More information about the tor-talk mailing list