Closed Bug 448747 Opened 12 years ago Closed 9 years ago
Provide Mechanism to clear TLS Session IDs
In Bug 405652, it was mentioned that TLS Session IDs can persist for an indefinite duration, providing an identifier that is sent to TLS sites that can be used to link activity. This is particularly troublesome now that we have certificate verification in place. Even when using an anonymity network such as Tor with Torbutton, the OCSP server can use this identifier to build a history of TLS sites someone visits, and also correlate their activity as they move from network to network (such as home to work to coffee shop, etc). In addition, for the 'Private Mode' feature discussed in Bug 248970, it would be nice not to transmit any identifier to say gmail after entering in to this mode. Ideally this would happen on the 'cookie-changed' observer event, which is also used as the trigger to clear out the (identifying) keys used by the Safe Browsing code. However, it is probably not possible for NSS to listen for this event. Perhaps a call could be exposed that some component of Firefox could invoke upon receiving the 'cookie-changed' event itself?
Assignee: nobody → kaie
Component: Libraries → Security: PSM
Product: NSS → Core
QA Contact: libraries → psm
The NSS function to do this is SSL_ClearSessionCache. PSM already calls it in numerous places. See a list of them at http://mxr.mozilla.org/security/search?string=SSL_ClearSessionCache&find=manager So, perhaps there is no need for additional development here, but only documenting the different ways that this gets called.
As a note, the hack we use to deal with this in torbutton is to toggle security.enable_ssl2, which clears the cache via the pref listener at http://mxr.mozilla.org/security/source/security/manager/ssl/src/nsNSSComponent.cpp#2134
The SeaMonkey user interface used to have a "logout" functionality. I would hope that Firefox' "clear private data" functionality is linked to the described clearing of the session cache. If not, it should. Mike, can you please try to use "clear private data (clear recent history)", then "details", then "active logins"? Does that clear it?
Assignee: kaie → nobody
nsIDOMCrypto::Logout() now works for this. However, there are more bits of state in TLS we need to fix, but I'll file other bugs for those.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.