On Mon, Sep 26, 2011 at 8:15 PM, Mike Perry <[email protected]> wrote: > Previously we dealt with SSL Session IDs only by clearing them upon > toggle, on the assumption that Tor sessions would be short lived. We > also clear them with the "New Identity" button in Tor Browser, so Tor > Browser users are not entirely defenseless.
Oh, awesome, I hadn't noticed that. Actually, this is IMHO more than enough. > Thanks for finding this! No, thank you. It's much easier to critique than build it in the first place. ;) -- Mansour _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
