[tor-bugs] #4099 [Tor Browser]: Disable TLS session resumption and HTTP keep-alive
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Sep 27 06:44:32 UTC 2011
#4099: Disable TLS session resumption and HTTP keep-alive
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: defect | Status: new
Priority: major | Milestone: TorBrowserBundle 2.2.x-stable
Component: Tor Browser | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by mikeperry):
Replying to [comment:2 arma]:
> Replying to [ticket:4099 mikeperry]:
> > We need to disable TLS session resumption and HTTP keep-alive
>
> Isn't disabling http keep-alive really harmful for performance?
Yes. Also, some more research reveals that disabling keep-alive will also
prevent pipelining, which would eliminate our experimental website
fingerprinting defense
(https://blog.torproject.org/blog/experimental-defense-website-traffic-
fingerprinting).
I guess keep-alive will have to wait for #4100. TLS session IDs are the
worse of the two anyway, as they persist for longer.
We can reduce the duration of HTTP keep-alive even more, though. Right now
it is 115 seconds... Should we lower it?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4099#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list