[tor-commits] [torbutton/master] Bug 4099: Disable TLS session tickets to limit linkability
mikeperry at torproject.org
mikeperry at torproject.org
Fri Dec 9 00:02:22 UTC 2011
commit 6ee519475ea1fdafe9dff805d550c9600cf6ce4c
Author: Mike Perry <mikeperry-git at fscked.org>
Date: Thu Dec 8 15:36:26 2011 -0800
Bug 4099: Disable TLS session tickets to limit linkability
Session IDs are disabled in a TBB patch.
---
src/chrome/content/torbutton.js | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/src/chrome/content/torbutton.js b/src/chrome/content/torbutton.js
index beb43ab..57261c9 100644
--- a/src/chrome/content/torbutton.js
+++ b/src/chrome/content/torbutton.js
@@ -1966,6 +1966,10 @@ function torbutton_update_status(mode, force_update) {
!m_tb_prefs.getBoolPref("security.enable_ssl2"));
}
+ // Disable ssl session tickets for tor usage
+ // https://trac.torproject.org/projects/tor/ticket/4099
+ m_tb_prefs.setBoolPref("security.enable_tls_session_tickets", !mode);
+
// Lower keep-alive timeout to reduce cross-domain linkability
// https://trac.torproject.org/projects/tor/ticket/4603
if (mode) {
More information about the tor-commits
mailing list