Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#25418 closed defect (duplicate)

TLS protocol and chipers used on torproject websites

Reported by: NoNameForMee Owned by:
Priority: Medium Milestone:
Component: Webpages Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


It appears to me that the TLS configurations and ciphers used on several Torproject websites are in desperate need of someone love and attention.

For instance the main website, is only accessible using the old TLSv1.0 not the currently recommended TLSv1.2 (nor the upcoming TLSv1.3). Further more it is not only the protocol versions which are in need of some attention, the ciphers used include also need some improvements. For instance RC4 is used in spite of RFC7465, (apparently also MD5 is used).

If someone site admin where to have a look at it but needs some help along the way the Mozilla Foundation have created a recommended list of ciphers and protocols which can be used as a sort of "best common practise" for HTTPS configuration. And Qaulys ssllabs provide a quick and easy tool to test how it would be handled by various browsers and versions (along with some extra tests).

Qaulys SSLLabs server test:

RFC 7465 - Prohibit RC4 Cipher Suites:

Mozilla foundations recommended configurations:

Child Tickets

Change History (3)

comment:1 Changed 3 years ago by cypherpunks

Resolution: duplicate
Status: newclosed

100% Duplicate of some other ticket, go find out! ~_~

Last edited 3 years ago by cypherpunks (previous) (diff)

comment:2 Changed 3 years ago by arma

dear cypherpunks, please don't close tickets as duplicates without pointing to a specific ticket that it's a duplicate of.

comment:3 Changed 3 years ago by arma

#25354 looks like the right ticket here.

Note: See TracTickets for help on using tickets.