changes/prop198
0 → 100644
+12
−0
+62
−10
Loading
This is a feature removal: we no longer fake any ciphersuite other than the not-really-standard SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (0xfeff). This change will let servers rely on our actually supporting what we claim to support, and thereby let Tor migrate to better TLS ciphersuites. As a drawback, Tor instances that use old openssl versions and openssl builds with ciphers disabled will no longer give the "firefox" cipher list.