[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #4099 [Tor Browser]: Disable TLS session resumption and HTTP keep-alive
#4099: Disable TLS session resumption and HTTP keep-alive
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: defect | Status: new
Priority: major | Milestone: TorBrowserBundle 2.2.x-stable
Component: Tor Browser | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by gk):
> Yes. Also, some more research reveals that disabling keep-alive will
also prevent pipelining, which would eliminate our experimental website
fingerprinting defense
> (https://blog.torproject.org/blog/experimental-defense-website-traffic-
fingerprinting).
Indeed, that is true as pipelining is bound to keep-alive at least in
Mozilla. Nevertheless I could imagine some kind of "pipelining" even if
keep-alive is off. There seems no strong connection between keep-alive and
randomizing request order to me.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4099#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs