[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #2877 [Tor Browser]: Prevent TLS state from accumulating in TorBrowser

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #2877 [Tor Browser]: Prevent TLS state from accumulating in TorBrowser
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 19 Apr 2011 03:51:57 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 18 Apr 2011 23:52:06 -0400
In-reply-to: <049.d9377ae6c411feb1869cac830e0fc5f9@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.d9377ae6c411feb1869cac830e0fc5f9@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#2877: Prevent TLS state from accumulating in TorBrowser
-------------------------+--------------------------------------------------
 Reporter:  mikeperry    |          Owner:  mikeperry
     Type:  defect       |         Status:  new      
 Priority:  normal       |      Milestone:           
Component:  Tor Browser  |        Version:           
 Keywords:               |         Parent:  #2871    
   Points:  ?            |   Actualpoints:           
-------------------------+--------------------------------------------------
Changes (by mikeperry):

  * type:  enhancement => defect


Old description:

> We've been accumulating a few TLS issues with Torbutton (#2482). In
> particular, we need to figure out how to handle user-stored certificates,
> the intermediate cert store, and STS. Perhaps we just want to block all
> of these by default for TorBrowser? Perhaps we want an extra confirmation
> dialog?
>
> STS and the intermediate cert store should definitely be cleared by the
> New Identity button, though (#523). We currently lack direct Firefox APIs
> for either of these. https://bugzilla.mozilla.org/show_bug.cgi?id=435159
> might help with the latter.

New description:

 We've been accumulating a few TLS issues with Torbutton (#2482). In
 particular, we need to figure out how to handle user-stored certificates,
 the intermediate cert store, and STS. Perhaps we just want to block all of
 these by default for TorBrowser? Perhaps we want an extra confirmation
 dialog?

 STS and the intermediate cert store should definitely be cleared by the
 New Identity button, though (#523). We currently lack direct Firefox APIs
 for either of these. https://bugzilla.mozilla.org/show_bug.cgi?id=435159
 might help with the latter.

 [[TicketQuery(parent=#2877,format=table,col=component|owner|summary|priority|points,order=priority)]]

--

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2877#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #2877 [Tor bundles/installation]: Prevent TLS state from accumulating in TorBrowser
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #2871 [Tor Browser]: Patches for Firefox 4/Tor Browser
Next by Author: Re: [tor-bugs] #2951 [Tor Browser]: Review permissions manager and certdb source
Previous by thread: Re: [tor-bugs] #2877 [Tor Browser]: Prevent TLS state from accumulating in TorBrowser
Next by thread: Re: [tor-bugs] #2877 [Tor Browser]: Prevent TLS state from accumulating in TorBrowser
Index(es):
- Author
- Thread