[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Importance of HTTP connection keep-alive
>> (1) use a smaller timeout for idle connections;
>> (2) shut down a connection after some number of
>> serviced requets;
>> (3) shut down a connection after it's been used
>> for some time.
> I for one would like to see (1) and (3) implemented as
> I tend to agree with Roger.
Sigh. Here I am, brain the size of a planet, and they're asking me to
implement timeouts.
I've done all three, for the paranoid among you. Since I don't
believe in this particular threat, the default values are very large
for (2) and (3). They're controlled by the following variables :
(1) serverIdleTimeout, default 45 s;
(2) maxConnectionRequests, default 400;
(3) maxConnectionAge, default 21 m.
> Another possible anonymity threat is when a Tor user
> routing through Polipo passes the NEWNYM signal to
> Tor. This signal makes Tor use a new (clean) circut
> for new connections.
Ahem... you're expecting to get a new persona without flushing
Polipo's cache, your browser's cookies and your browser's cache?
> Could Polipo be made to listen for the NEWNYM signal
> passed to Tor?
There's no need for that -- whoever is sending the NEWNYM signal
should restart both the web browser and Polipo.
Juliusz