On Mon, Oct 7, 2013 at 3:58 PM, Lee <[email protected]> wrote: > Isn't it time to quit using DES? > > Finally gave TBB a try (version 2.3.25-13), seems to me that the > firefox component needs a lot of hardening. > > https://www.mikestoolbox.org/
This may be a function of the crypto library on your box (if dynamic), rather than the supplied firefox itself (which it would be if static). I don't have TBB handy. printf 'GET / HTTP/1.0\n\n' \ | openssl_101e s_client -connect www.mikestoolbox.org:https -ign_eof DHE-RSA-AES256-SHA256 0.9.8x: DHE-RSA-AES256-SHA And that particular toolbox doesn't seem to support certain suites, ie: ECDHE-RSA-AES256-GCM-SHA384: handshake failure > Client Cipher Suites: 3DES is probably not least of note as all posted were SHA1 or lesser. -- tor-talk mailing list - [email protected] To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
