Closed
Bug 448747
Opened 16 years ago
Closed 14 years ago
Provide Mechanism to clear TLS Session IDs
Categories
(Core :: Security: PSM, enhancement)
Tracking
()
RESOLVED
FIXED
People
(Reporter: mikeperry.unused, Unassigned)
Details
In Bug 405652, it was mentioned that TLS Session IDs can persist for an indefinite duration, providing an identifier that is sent to TLS sites that can be used to link activity. This is particularly troublesome now that we have certificate verification in place. Even when using an anonymity network such as Tor with Torbutton, the OCSP server can use this identifier to build a history of TLS sites someone visits, and also correlate their activity as they move from network to network (such as home to work to coffee shop, etc). In addition, for the 'Private Mode' feature discussed in Bug 248970, it would be nice not to transmit any identifier to say gmail after entering in to this mode. Ideally this would happen on the 'cookie-changed' observer event, which is also used as the trigger to clear out the (identifying) keys used by the Safe Browsing code. However, it is probably not possible for NSS to listen for this event. Perhaps a call could be exposed that some component of Firefox could invoke upon receiving the 'cookie-changed' event itself?
Updated•16 years ago
|
Assignee: nobody → kaie
Component: Libraries → Security: PSM
Product: NSS → Core
QA Contact: libraries → psm
Comment 1•16 years ago
|
||
The NSS function to do this is SSL_ClearSessionCache. PSM already calls it in numerous places. See a list of them at http://mxr.mozilla.org/security/search?string=SSL_ClearSessionCache&find=manager So, perhaps there is no need for additional development here, but only documenting the different ways that this gets called.
Reporter | ||
Comment 2•15 years ago
|
||
As a note, the hack we use to deal with this in torbutton is to toggle security.enable_ssl2, which clears the cache via the pref listener at http://mxr.mozilla.org/security/source/security/manager/ssl/src/nsNSSComponent.cpp#2134
Updated•15 years ago
|
Flags: blocking1.9.0.19?
Updated•15 years ago
|
Flags: blocking1.9.0.19?
Comment 3•15 years ago
|
||
The SeaMonkey user interface used to have a "logout" functionality. I would hope that Firefox' "clear private data" functionality is linked to the described clearing of the session cache. If not, it should. Mike, can you please try to use "clear private data (clear recent history)", then "details", then "active logins"? Does that clear it?
Assignee: kaie → nobody
Comment 4•15 years ago
|
||
Ok, I understand better what you want. You're not talking about "interactive logout triggered by the user", but rather a mechanism to clear the data from within the code level. If you're at the extension level, you can probably access nsICrypto::Logout() to flush it. If you don't like the logout sideeffects, we could introduce a new JavaScript-level event that triggers the clearing of the session cache. A good place to watch for that is nsNSSComponent::Observe(). I think a new event should be introduced. I don't like the idea to do it together with cookie-changed event.
Reporter | ||
Comment 5•14 years ago
|
||
nsIDOMCrypto::Logout() now works for this. However, there are more bits of state in TLS we need to fix, but I'll file other bugs for those.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•