hi all! discussing with some of you about the poodlebleed bug we decided to stop the support for SSLv3 and i've released a new version that disable it.
it would be nice if you all that run a tor2web node can update to the latest version. https://www.ssllabs.com/ssltest/analyze.html?d=antani.tor2web.org http://poodlebleed.com/ in addition i'm starting to thinki it would be a good idea to think about changing the tor2web.org certificate for two reasons: - it's still the same from time the heartbleed bug - it makes use of SHA1 signatures (https://community.qualys.com/blogs/securitylabs/2014/09/09/sha1-deprecation-what-you-need-to-know) when we will decide to do this change there would be some problem due to the fact that our certificate is pinned in google crome :( any idea on how to manage this? best, evilaliv3 _______________________________________________ Tor2web-talk mailing list [email protected] http://lists.globaleaks.org/mailman/listinfo/tor2web-talk
