[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #20447 [Applications/Tor Browser]: Tor Browser Spec is not accurate regarding Session IDs
#20447: Tor Browser Spec is not accurate regarding Session IDs
------------------------------------------+----------------------
Reporter: tom | Owner: tbb-team
Type: defect | Status: new
Priority: Very Low | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
Or at the least it's confusing. The doc says we clear Session IDs on New
Identity, but then says we disable them.
Patch:
{{{
From 5f5ff04e17ffc45eb0c2889ce6a71c7b2a312da7 Mon Sep 17 00:00:00 2001
From: Tom <tom@xxxxxxxxx>
Date: Mon, 24 Oct 2016 11:36:29 -0500
Subject: [PATCH] Clarify language about Session IDs (always disabled.)
---
design-doc/design.xml | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/design-doc/design.xml b/design-doc/design.xml
index 4ea0bff..36fa33a 100644
--- a/design-doc/design.xml
+++ b/design-doc/design.xml
@@ -1258,8 +1258,7 @@ bar origin.
</para>
<para><command>Implementation Status:</command>
-We currently clear SSL Session IDs upon <link linkend="new-identity">New
-Identity</link>, we disable TLS Session Tickets via the Firefox Pref
+We disable TLS Session Tickets via the Firefox Pref
<command>security.enable_tls_session_tickets</command>. We disable SSL
Session
IDs via a <ulink
url="https://gitweb.torproject.org/tor-browser.git/commit/?h=tor-
browser-31.6.0esr-4.5-1&id=a01fb747d4b8b24687de538cb6a1304fe27d9d88">patch
--
2.10.1
}}}
--
Ticket URL: <https://troodi.torproject.org/projects/tor/ticket/20447>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs