Remove 3DES as a required suite; add the minimal AES one.

author: Nick Mathewson <nickm@torproject.org> 2016-09-05 14:10:48 -0400
committer: Nick Mathewson <nickm@torproject.org> 2016-09-05 14:10:48 -0400
commit: e22c36fb77f0c780fc532df1e54cebc8676190b3 (patch)
tree: 05a9ca51413dd2a495fef16696b46b5ba01c98da /tor-spec.txt
parent: 4adc21feb4eea16f17aa4ad964554a1a9244ebc7 (diff)
download: torspec-e22c36fb77f0c780fc532df1e54cebc8676190b3.tar.gz
torspec-e22c36fb77f0c780fc532df1e54cebc8676190b3.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/tor-spec.txt b/tor-spec.txt
index e85634d..ba9782f 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -182,8 +182,8 @@ see tor-design.pdf.
    Connections between two Tor relays, or between a client and a relay,
    use TLS/SSLv3 for link authentication and encryption.  All
    implementations MUST support the SSLv3 ciphersuite
-   "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", and SHOULD support the TLS
-   ciphersuite "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" if it is available.
+   "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" if it is available. They SHOULD
+   support better ciphersuites if available.
 
    There are three ways to perform TLS handshakes with a Tor server.  In
    the first way, "certificates-up-front", both the initiator and
author	Nick Mathewson <nickm@torproject.org>	2016-09-05 14:10:48 -0400
committer	Nick Mathewson <nickm@torproject.org>	2016-09-05 14:10:48 -0400
commit	e22c36fb77f0c780fc532df1e54cebc8676190b3 (patch)
tree	05a9ca51413dd2a495fef16696b46b5ba01c98da /tor-spec.txt
parent	4adc21feb4eea16f17aa4ad964554a1a9244ebc7 (diff)
download	torspec-e22c36fb77f0c780fc532df1e54cebc8676190b3.tar.gz torspec-e22c36fb77f0c780fc532df1e54cebc8676190b3.zip