[tor-dev] Is it time to drop support for the v1/v2 protos?
Tom van der Woerdt
info at tvdw.eu
Mon Jan 12 17:26:14 UTC 2015
> On 12 Jan 2015, at 16:25, Philipp Winter <phw at nymity.ch> wrote:
>
>> On Sat, Dec 27, 2014 at 03:38:28PM +0100, Tom van der Woerdt wrote:
>> After reading the Tor spec [1] I did some digging and realized that
>> the old handshakes and link protocols (v1 (certs up-front) and v2
>> (renegotiation)) are not used anymore as of 0.2.3.6-alpha which
>> introduced link proto v3.
>>
>> Supporting v1 and v2 requires (among other things) supporting SSLv3
>> which (imho) should be deprecated everywhere.
>
> I was curious about how many relays and clients still want to speak
> version 1 and 2. I patched one of my guard relays to keep statistics
> about the content of VERSIONS cells. Here's the result after almost
> three days. The numbers include relays as well as clients.
Awesome! Looks like we can drop it.
>
> Versions | Amount total | Amount w/o duplicate hosts
> ---------+---------------+---------------------------
> 1 and 2 | 34,648 (9%) | 21,552 (23%)
We debugged this last week on IRC, as 1,2 is an invalid combination according to the specification. After correlating the ip addresses, we concluded that this is GFW scanning and not actual client usage. Are you sure you are deduplicating correctly? That's a lot of hosts.
> 3 | 73,202 (18%) | 54,307 (59%)
> 3 and 4 | 291,807 (73%) | 16,235 (18%)
These two are normal.
> 4 | 3 (0%) | 2 (0%)
That's me! I have a client implementation that will only return the highest understood version matching what the server supports, instead of a list of all supported versions.
So yeah, based on that data I conclude that 1 and 2 are no longer used.
Tom
>
> Cheers,
> Philipp
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
More information about the tor-dev
mailing list