[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Importance of HTTP connection keep-alive

--- Juliusz Chroboczek
<Juliusz.Chroboczek@xxxxxxxxxxxxxx> wrote:

>> (1) use a smaller timeout for idle connections;
>> (2) shut down a connection after some number of
>> serviced requets;
>> (3) shut down a connection after it's been used
>> for some time.
> I for one would like to see (1) and (3)
> implemented as
> I tend to agree with Roger.
>> Sigh.  Here I am, brain the size of a planet, and
>> they're asking me to implement timeouts.

wow.  You must have a big head! (in more ways than
one). How do get hats that fit? ;-)

>> I've done all three,

Great, thanks

>> for the paranoid among you.  

Well, we are talking about Tor...

>> Since I don't believe in this particular threat

You may be correct, I see both points of view.  But,
may I say that it shows character for you to do this
even though you think it's a waste.

> Another possible anonymity threat is when a Tor
> user routing through Polipo passes the NEWNYM
> signal to Tor.  This signal makes Tor use a new
> (clean) circut for new connections.
>> Ahem... you're expecting to get a new persona
>> without flushing Polipo's cache, your browser's
>> cookies and your browser's cache?

No, I didn't say that.  But IMHO having Polipo
shutdown connections when a NEWNYM signal is sent may
be one part of the puzzle.

>> Could Polipo be made to listen for the NEWNYM
>> signal passed to Tor?
> There's no need for that -- whoever is sending the
> NEWNYM signal should restart both the web browser
> and Polipo.

Well, that would not be very efficient as I have been
known to use NEWNYM many times in a single on-line
session.  I agree however that the browser should be
purged of session data like cookies, cache, etc as
should Polipo's cache be cleared when sending the
NEWNYM signal...especially if staying on the same


Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around