[tor-qa] SSL/TLS and encryption
    Sir Jammy Phan 
    jamesbond.honghoi at gmail.com
       
    Tue Nov 18 10:49:12 UTC 2014
    
    
  
Better Tor should use secure TLS (esp TLS 1.2 and higher) with least TLS
1.1 and higher instead of insecure SSL. At the same time, Tor should remove
RC4,RC2,DES,MD5,null, DH,ECDH from encrypted codes because they're
insecure. Tor also should remove 3DES from encrypted codes because it have
low streng. And HTTP 2.0 is safer and more secure and more private and
faster than HTTP 1.1 and HTTP 1.0. And RSA and DSA and ECDSA are same
strong but ECDSA have best performent in RSA/DSA/ECDSA. Use least ECDSA 128
bits encryption for client and least ECDSA 2048 bits for server even ECDSA
8192 bits possible. Use DHE/ECDHE for encryption.
Your sincerely,
Sir Jammy Phan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-qa/attachments/20141118/4680fbbe/attachment.html>
    
    
More information about the tor-qa
mailing list