24 Oct
2016
24 Oct
'16
4:29 p.m.
Hey all, Since tor devs have thought about how to handle TLS Session Tickets and Identifiers, I want to capture that approach and stick it into our NetCipher library, which is also used in Orfox. As I understand it, the approach is: * disable TLS Session Tickets entirely * reset TLS Session Identifiers on NEWNYM Any plans to rethink this for TLS v1.3? Any other TLS tracking issues I should be addressing in NetCipher? I'd also appreciate any references on this topic (yes, I know how to find the relevant RFCs ;), like tor trac tickets. My searches have come up with very little. .hc -- PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556 https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556