[tbb-bugs] #4100 [Tor Browser]: Isolate SPDY and HTTP Keep-Alive to top-level domain
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Mar 28 21:19:46 UTC 2015
#4100: Isolate SPDY and HTTP Keep-Alive to top-level domain
--------------------------+------------------------------------------------
Reporter: | Owner: tbb-team
mikeperry | Status: new
Type: | Milestone: TorBrowserBundle 2.3.x-stable
enhancement | Version:
Priority: major | Keywords: tbb-linkability, tbb-firefox-patch
Component: Tor | Parent ID:
Browser |
Resolution: |
Actual Points: |
Points: |
--------------------------+------------------------------------------------
Changes (by gk):
* cc: gk (added)
Comment:
Don't we get the isolation we need for free with our current
implementation of "Use different circuits for different URL bar domains"?
I made a quick test with loading google.com and
https://people.torproject.org/~gk/misc/keep-alive.html (which loads a
resource requested as well if one loads google.com) making sure I did that
within our current keep-alive limit and all requests are properly isolated
meaning they use different circuits. How should the keep-alive you get
while loading google.com interfere with the one you get if loading keep-
alive.html provided they use different exit nodes?
Recalling the discussion on IRC with s7r I think that would even mitigate
the problem of onion sites loading foo.com clearnet resources while having
foo.com open in a different tab.
What am I missing?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4100#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list