[tor-commits] [tor-browser-spec/master] More comments from Georg.
mikeperry at torproject.org
mikeperry at torproject.org
Mon Apr 28 15:18:48 UTC 2014
commit 2d1c3e4e56a4dbe7bbd63690b7685fdb3364abd7
Author: Mike Perry <mikeperry-git at fscked.org>
Date: Tue Oct 11 15:19:16 2011 -0700
More comments from Georg.
---
docs/design/design.xml | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/docs/design/design.xml b/docs/design/design.xml
index 414241c..6782dc9 100644
--- a/docs/design/design.xml
+++ b/docs/design/design.xml
@@ -959,10 +959,14 @@ not be reused for that same third party in another url bar origin.
</para>
<para><command>Implementation Status:</command>
-We <ulink url="https://trac.torproject.org/projects/tor/ticket/4099">plan to
-disable</ulink> TLS session resumption, and limit HTTP Keep-alive duration. We
-currently clear TLS Session IDs upon <link linkend="new-identity">New
-Identity</link>.
+We currently clear TLS Session IDs upon <link linkend="new-identity">New
+Identity</link>, but we have no origin restriction implementation as of yet.
+We plan to <ulink
+url="https://trac.torproject.org/projects/tor/ticket/4099">disable TLS session
+resumption</ulink>, and limit HTTP Keep-alive duration as stopgaps to limit
+linkability until we can implement <ulink
+url="https://trac.torproject.org/projects/tor/ticket/4100">true origin
+isolation</ulink> (the latter we feel will be fairly tricky).
</para>
</listitem>
More information about the tor-commits
mailing list