[tor-bugs] #30814 [Applications/Tor Browser]: Consider resetting security.enable_tls_session_tickets

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jun 9 20:12:41 UTC 2019


#30814: Consider resetting security.enable_tls_session_tickets
------------------------------------------+----------------------
     Reporter:  acat                      |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+----------------------
 Taking a look at #28746 I realized `torbutton_update_isolation_prefs()`
 still sets `security.enable_tls_session_tickets = !isolate`. This should
 have been removed in #17252. For users which never played with
 `privacy.firstparty.isolate` this will still have the default value, but
 at least in my browser tls session tickets were disabled. I guess it might
 be the same for other developers/advanced users.

 I don't see a way of knowing whether `security.enable_tls_session_tickets
 = false` was set manually by the user or by `torbutton`. But I think we
 should consider resetting the pref to the default value to enable tls
 session tickets for all users.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30814>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list