[tor-bugs] #4099 [Tor Browser]: Disable TLS Session resumption and Session IDs

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed Dec 7 23:40:05 UTC 2011

#4099: Disable TLS Session resumption and Session IDs
 Reporter:  mikeperry                   |          Owner:  mikeperry                    
     Type:  defect                      |         Status:  new                          
 Priority:  major                       |      Milestone:  TorBrowserBundle 2.2.x-stable
Component:  Tor Browser                 |        Version:                               
 Keywords:  MikePerryIteration20111211  |         Parent:                               
   Points:  2                           |   Actualpoints:                               
Changes (by mikeperry):

 * cc: ioerror (added)


 At first glance, it looked like this was doable by calling
 SSL_ConfigServerSessionIDCache() during nsNSSComponent::InitializeNSS().
 However, the system appears to be written to use a default session ID
 cache size if you set it to 0.

 There does appear to be an SSL_NO_CACHE option that can be set with
 SSL_OptionSet(), as well as an ssl_defaults that we can bang on to disable
 session ID caching for each individual ssl socket.

 I am going to try that and see what happens.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4099#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list