#18274: 3DES_EDE_CBC cipher is vulnerable in the current TBB configuration!
------------------------------------------------+--------------------------
Reporter: bugzilla | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Tor Browser | Version:
Severity: Major | Resolution:
Keywords: tbb-security, TorBrowserTeam201602 | Actual Points:
Parent ID: | Points:
Sponsor: |
------------------------------------------------+--------------------------
Comment (by bugzilla):
Indeed, Mozilla has "Disable TLS False Start for non-ECDHE key exchange"
bug fixed. But after SLOTH and Logjam can we trust them? And why do we
need this weak cipher suite at all?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18274#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
