[tor-bugs] #33485 [Applications/Tor Browser]: Use LibreSSL by default in the Tor Browser
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Feb 29 13:23:01 UTC 2020
#33485: Use LibreSSL by default in the Tor Browser
-------------------------+------------------------------------------
Reporter: cyperpunks | Owner: tbb-team
Type: enhancement | Status: new
Priority: Medium | Component: Applications/Tor Browser
Version: | Severity: Normal
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------+------------------------------------------
LibreSSL is a fork of OpenSSL by the OpenBSD team following Heartbleed. It
improves security a lot from the original OpenSSL library.
https://www.libressl.org/
https://en.wikipedia.org/wiki/LibreSSL
It would be better if Tor Browser used LibreSSL by default instead of
OpenSSL. This would make attacks on the TLS implementation (such as
Heartbleed) far less likely.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33485>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list