Merge remote-tracking branch 'public/bug9780_024_v2' into maint-0.2.4

author: Nick Mathewson <nickm@torproject.org> 2013-10-31 14:02:28 -0400
committer: Nick Mathewson <nickm@torproject.org> 2013-10-31 14:02:28 -0400
commit: 1b312f7b55bc5322f3029ad12715d9f348d44650 (patch)
tree: 9b99d209095d88a1338774ea1a212add2df9b927 /changes
parent: 0e8ee795d901c1a5ac84e53bbea417fddace46bf (diff)
parent: 72c1e5acfe1c6f04f4d7d398fc4a964d4bc5b62e (diff)
download: tor-1b312f7b55bc5322f3029ad12715d9f348d44650.tar.gz
tor-1b312f7b55bc5322f3029ad12715d9f348d44650.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/changes/bug9780 b/changes/bug9780
new file mode 100644
index 0000000000..3cb51bd528
--- /dev/null
+++ b/changes/bug9780
@@ -0,0 +1,8 @@
+  o Minor bugfixes (performance, fingerprinting):
+    - Our default TLS ecdhe groups were backwards: we meant to be using
+      P224 for relays (for performance win) and P256 for bridges (since
+      it is more common in the wild). Instead we had it backwards. After
+      reconsideration, we decided that the default should be P256 on all
+      hosts, since its security is probably better, and since P224 is
+      reportedly used quite little in the wild.  Found by "skruffy" on
+      IRC. Fix for bug 9780; bugfix on 0.2.4.8-alpha.
author	Nick Mathewson <nickm@torproject.org>	2013-10-31 14:02:28 -0400
committer	Nick Mathewson <nickm@torproject.org>	2013-10-31 14:02:28 -0400
commit	1b312f7b55bc5322f3029ad12715d9f348d44650 (patch)
tree	9b99d209095d88a1338774ea1a212add2df9b927 /changes
parent	0e8ee795d901c1a5ac84e53bbea417fddace46bf (diff)
parent	72c1e5acfe1c6f04f4d7d398fc4a964d4bc5b62e (diff)
download	tor-1b312f7b55bc5322f3029ad12715d9f348d44650.tar.gz tor-1b312f7b55bc5322f3029ad12715d9f348d44650.zip