[tor-commits] [tor-browser-spec/master] More comments from Georg.

mikeperry at torproject.org mikeperry at torproject.org
Mon Apr 28 15:18:48 UTC 2014

commit 2d1c3e4e56a4dbe7bbd63690b7685fdb3364abd7
Author: Mike Perry <mikeperry-git at fscked.org>
Date:   Tue Oct 11 15:19:16 2011 -0700

    More comments from Georg.
 docs/design/design.xml |   12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/docs/design/design.xml b/docs/design/design.xml
index 414241c..6782dc9 100644
--- a/docs/design/design.xml
+++ b/docs/design/design.xml
@@ -959,10 +959,14 @@ not be reused for that same third party in another url bar origin.
      <para><command>Implementation Status:</command>
-We <ulink url="https://trac.torproject.org/projects/tor/ticket/4099">plan to
-disable</ulink> TLS session resumption, and limit HTTP Keep-alive duration. We
-currently clear TLS Session IDs upon <link linkend="new-identity">New
+We currently clear TLS Session IDs upon <link linkend="new-identity">New
+Identity</link>, but we have no origin restriction implementation as of yet.
+We plan to <ulink
+url="https://trac.torproject.org/projects/tor/ticket/4099">disable TLS session
+resumption</ulink>, and limit HTTP Keep-alive duration as stopgaps to limit
+linkability until we can implement <ulink
+url="https://trac.torproject.org/projects/tor/ticket/4100">true origin
+isolation</ulink> (the latter we feel will be fairly tricky).

More information about the tor-commits mailing list