Partition the TLS session cache per the origin of the top-level window
Categories
(Core :: Networking: HTTP, task, P2)
Tracking
()
People
(Reporter: ehsan.akhgari, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [necko-triaged])
We need to do this for parity with what Chrome is implementing with their HTTP Cache paritioning (see the second message in https://groups.google.com/a/chromium.org/forum/m/#!msg/blink-dev/6KKXv1PqPZ0/3_1nYzrBBAAJ).
We might need to file a separate NSS bug for adding support for this at the NSS level. Not really sure about all of the details here.
|
||
Updated•5 years ago
|
|
||
Comment 1•5 years ago
|
||
Dragana, will this include TLS authentication or should that have its own bug?
|
Reporter | |
Updated•5 years ago
|
|
|
||
Comment 2•5 years ago
|
||
(In reply to Anne (:annevk) from comment #1)
Dragana, will this include TLS authentication or should that have its own bug?
I am not exactly sure what do you mean with TLS authentication. Do you mean certificate verification? I think the answer is that we do not need anything else.
|
|
||
Comment 3•5 years ago
•
|
||
TLS client certificates. (Although thinking about it more that does not make sense as they are more like cookies, so maybe ignore that comment and this one.)
|
|
||
Comment 4•3 years ago
|
||
I assume this got fixed elsewhere? Or should this be considered a blocker for bug 1673921?
|
||
Comment 5•3 years ago
|
||
The NSS Socket peer Id has been isolated by the OAs, see here. So, I think we have fixed this issue in Bug 1642667.
Dragana, could you confirm this?
|
|
||
Comment 6•3 years ago
|
||
That fixes this issue.
Description
•