[tor-bugs] #13236 [- Select a component]: investigate Firefox SSL for things that might allows user tracking
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 24 22:52:51 UTC 2014
#13236: investigate Firefox SSL for things that might allows user tracking
----------------------------------+---------------------
Reporter: arthuredelstein | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: - Select a component | Version:
Keywords: | Actual Points:
Parent ID: | Points:
----------------------------------+---------------------
From a [https://bugzilla.mozilla.org/show_bug.cgi?id=967977#c8 comment by
Patrick McManus]:
> (In reply to David Keeler (:keeler) [use needinfo?] from comment #5)
> > mcmanus, are there other TLS features that are enabled by default that
would
> > allow tracking users? (The aim of this bug is to add an option that
would
> > prevent that sort of thing.)
>
> sure - at various levels of granularity. None as extreme as session
tickets.
> Anything that keeps state, right?
>
> some that come to mind:
> * the version intolerance cache
> * our false start behavior involves "have I seen this algorithm before"
> * the hsts database
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13236>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list