[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor and resumed TLS handshakes



On Mon, Sep 26, 2011 at 8:15 PM, Mike Perry <mikeperry@xxxxxxxxxx> wrote:
> Previously we dealt with SSL Session IDs only by clearing them upon
> toggle, on the assumption that Tor sessions would be short lived. We
> also clear them with the "New Identity" button in Tor Browser, so Tor
> Browser users are not entirely defenseless.

Oh, awesome, I hadn't noticed that. Actually, this is IMHO more than enough.

> Thanks for finding this!

No, thank you. It's much easier to critique than build it in the first place. ;)

-- 
Mansour
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk