[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #13586 [Tor Browser]: Use security.ssl.disable_session_identifiers pref in meek-http-helper to restore TLS session tickets

Subject: [tor-bugs] #13586 [Tor Browser]: Use security.ssl.disable_session_identifiers pref in meek-http-helper to restore TLS session tickets
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sun, 26 Oct 2014 19:19:44 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 26 Oct 2014 15:19:59 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#13586: Use security.ssl.disable_session_identifiers pref in meek-http-helper to
restore TLS session tickets
-------------------------------------------------+-------------------------
 Reporter:  dcf                                  |          Owner:  tbb-
     Type:  defect                               |  team
 Priority:  normal                               |         Status:  new
Component:  Tor Browser                          |      Milestone:
 Keywords:  meek TorBrowserTeam201410R           |        Version:
  TorBrowserTeam201410Easy                       |  Actual Points:
Parent ID:                                       |         Points:
-------------------------------------------------+-------------------------
 comment:1:ticket:13442 shows that meek-http-helper in Tor Browser 4.0
 doesn't match stock Firefox because it is missing the TLS session ticket
 extension. It's because of #10822 (and upstream Mozilla
 [https://bugzilla.mozilla.org/show_bug.cgi?id=917049 #917049] and
 [https://bugzilla.mozilla.org/show_bug.cgi?id=967977 #967977]) which
 replaced one pref with another.

 I've tested manually that setting
 `security.ssl.disable_session_identifiers=false` restores the missing
 extension. A test build with this patch has just started, but it's
 straightforward enough that I'll attach it now.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13586>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #13586 [Tor Browser]: Use security.ssl.disable_session_identifiers pref in meek-http-helper to restore TLS session tickets
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #13066 [Tor]: smartlist_choose_node_by_bandwidth() does not consider bad exit
Next by Author: Re: [tor-bugs] #13586 [Tor Browser]: Use security.ssl.disable_session_identifiers pref in meek-http-helper to restore TLS session tickets
Previous by thread: Re: [tor-bugs] #13066 [Tor]: smartlist_choose_node_by_bandwidth() does not consider bad exit
Next by thread: Re: [tor-bugs] #13586 [Tor Browser]: Use security.ssl.disable_session_identifiers pref in meek-http-helper to restore TLS session tickets
Index(es):
- Author
- Thread