Jump to content

Researchers warn against tracking via TLS Session Resumption


Sampei.Nihira

Recommended Posts


  • 4 weeks later...

security.tls.enable_0rtt_data is false (value recommended by above site) by default in Basilisk (both latest Win 7+ build, 2018.11.07, and @roytam1's latest build).

I had created the security.ssl.disable_session_identifiers Boolean and set it to true when this discussion started. It does slow down browsing a bit, but I haven't seen anything more serious than that.

I don't recommend setting privacy.firstparty.isolate to true unless you have an add-on that can substitute content typically downloaded from CDNs (JQuery, etc.) as it will break many web sites.

I did set security.ssl.enable_false_start to false as recommended at the above web site. I'll report back if it causes any issues.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...