[tor-dev] handling TLS Session Ticket/Identifier for Android
Hans-Christoph Steiner
hans at guardianproject.info
Mon Oct 24 16:29:28 UTC 2016
Hey all,
Since tor devs have thought about how to handle TLS Session Tickets and
Identifiers, I want to capture that approach and stick it into our
NetCipher library, which is also used in Orfox. As I understand it, the
approach is:
* disable TLS Session Tickets entirely
* reset TLS Session Identifiers on NEWNYM
Any plans to rethink this for TLS v1.3? Any other TLS tracking issues I
should be addressing in NetCipher? I'd also appreciate any references
on this topic (yes, I know how to find the relevant RFCs ;), like tor
trac tickets. My searches have come up with very little.
.hc
--
PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556
https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556
More information about the tor-dev
mailing list