[TronDD]

I'm doing something similar without privoxy in the middle. I think it's working here on a Dec 05 snapshot.

My tls options are formatted like this:
tls { no tlsv1.0, no tlsv1.1, ciphers "HIGH:!MEDIUM:!LOW:!aNULL:!eNULL:!RC4" }

Relayd can't connect to a site that is only accepting up to tls v1.0 (as confirmed with firefox).

Tim.

EDIT:
On second thought, I realized that the host check to the tls 1.0 site was still passing. So you're right. the tls parameters seem to only apply to the server connection of relayd, not to the client connection.

EDIT2: ...Sorry. You got a reply on bugs@, I confirmed what Benno said. But it seems the options don't apply to the host check but do apply to the client connection.