Opened 7 months ago

Last modified 3 months ago

#27141 reopened enhancement

Backport TLS1.3 patches

Reported by: sysrqb Owned by: tbb-team
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Major Keywords: tbb-security
Cc: cypherpunks3 Actual Points:
Parent ID: #28707 Points:
Reviewer: Sponsor:

Description (last modified by sysrqb)

Consider backporting TLS 1.3 patches for NSS and Firefox (after they land) onto Tor Browser 8 (ESR60). It seems like almost all the patches are within NSS.

https://bugzilla.mozilla.org/show_bug.cgi?id=1057463

Child Tickets

Change History (7)

comment:1 Changed 7 months ago by sysrqb

Description: modified (diff)
Keywords: tbb-security added; tbb-performance ff60-esr removed

comment:2 Changed 7 months ago by traumschule

Keywords: tls added

comment:3 Changed 6 months ago by traumschule

Resolution: duplicate
Status: newclosed

#27681 looks like a duplicate of this and #27535

comment:4 in reply to:  3 Changed 6 months ago by cypherpunks3

Replying to traumschule:

#27681 looks like a duplicate of this and #27535

Probably didn't mean to set this ticket as the dupe then?

comment:5 Changed 6 months ago by sysrqb

Resolution: duplicate
Status: closedreopened

Unlike #27535, this ticket is related to backporting the standards-track TLS 1.3 implementation. Mozilla should be landing that soon, but they won't backport it to 60esr. This ticket is for deciding if we should try backporting it, or keep the current draft implementation. #27535 and #27681 are related to Tor Browser 8 disabling the TLS 1.3 draft implementation currently available in 60esr.

comment:6 Changed 6 months ago by gk

Cc: cypherpunks3 added
Keywords: tls removed

#27681 is a duplicate.

comment:7 Changed 3 months ago by omg

Parent ID: #28707
Priority: MediumHigh
Severity: NormalMajor
Note: See TracTickets for help on using tickets.