Task #8207: PRIVACY & SECURITY: Unable to connect with XMPP servers that require use of strong ciphers that support forward secrecy - Orfox Private Browser - Guardian Project Dev (ARCHIVED SITE)

Copy

Task #8207

« Previous | 66 of 220 | Next »

PRIVACY & SECURITY: Unable to connect with XMPP servers that require use of strong ciphers that support forward secrecy

Added by Anonymous 11 months ago.

Status:

New

Start date:

08/14/2016

Priority:

High

Due date:

Assignee:

Anonymous

% Done:

100%

Category:

Target version:

Component:

Description

Attempts to connect to XMPP servers that require explicit use of Forward Secrecy Cipher Suite(s) fail. ChatSecure Android client does not appear to support PFS ciphers.

Specifically, the following standard Forward Secrecy Cipher Suite(s) appear missing from ChatSecure:
ECDHE-ECDSA-AES256-GCM-SHA384 (0xc02c)
ECDHE-ECDSA-AES256-SHA384 (0xc024)
ECDHE-ECDSA-AES128-GCM-SHA256 (0xc02b)

I have setup an (intermittently available) test server that only supports these higher ciphers so that you may independently verify if need be.
IM Observatory test results to test server (and server details) - https://xmpp.net/result.php?id=434489
While TLS negotiation fails with ChatSecure:Android, it remains successful with desktop xmpp client such as PSI.

Support for standard PFS ciphers is requested as part of the standard privacy & security model to which ChatSecure prescribes.

tmp_7442-0001942048903360.pdf (34.7 KB) Anonymous, 03/03/2017 01:24 am

Related issues

Copy

Also available in: Atom PDF

Core Apps » Orfox Private Browser

Issues

Custom queries

Task #8207

PRIVACY & SECURITY: Unable to connect with XMPP servers that require use of strong ciphers that support forward secrecy

	Copied from ChatSecure:Android - Bug #7842: PRIVACY & SECURITY: Unable to connect with XMPP servers ...	New	08/14/2016
	Copied to Orfox Private Browser - Task #8381: PRIVACY & SECURITY: Unable to connect with XMPP servers ...	New	08/14/2016