[tor-bugs] #30814 [Applications/Tor Browser]: Consider resetting security.enable_tls_session_tickets
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jun 9 20:12:41 UTC 2019
#30814: Consider resetting security.enable_tls_session_tickets
------------------------------------------+----------------------
Reporter: acat | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
Taking a look at #28746 I realized `torbutton_update_isolation_prefs()`
still sets `security.enable_tls_session_tickets = !isolate`. This should
have been removed in #17252. For users which never played with
`privacy.firstparty.isolate` this will still have the default value, but
at least in my browser tls session tickets were disabled. I guess it might
be the same for other developers/advanced users.
I don't see a way of knowing whether `security.enable_tls_session_tickets
= false` was set manually by the user or by `torbutton`. But I think we
should consider resetting the pref to the default value to enable tls
session tickets for all users.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30814>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list