>> (1) use a smaller timeout for idle connections;
>> (2) shut down a connection after some number of
>> serviced requests;
>> (3) shut down a connection after it's been used
>> for some time.

> I for one would like to see (1) and (3) implemented as

> I tend to agree with Roger.

Sigh. Here I am, brain the size of a planet, and they're asking me to implement timeouts.

I've done all three, for the paranoid among you. Since I don't believe in this particular threat, the default values are very large for (2) and (3). They're controlled by the following variables:

(1) serverIdleTimeout, default 45 s;
(2) maxConnectionRequests, default 400;
(3) maxConnectionAge, default 21 m.

> Another possible anonymity threat is when a Tor user
> routing through Polipo passes the NEWNYM signal to
> Tor. This signal makes Tor use a new (clean) circuit
> for new connections.

Ahem... you're expecting to get a new persona without flushing Polipo's cache, your browser's cookies and your browser's cache?

> Could Polipo be made to listen for the NEWNYM signal
> passed to Tor?

There's no need for that -- whoever is sending the NEWNYM signal should restart both the web browser and Polipo.

Juliusz
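The following is an added example, not part of the original message and not Polipo's code: a small Python model of how the three limits named above bound the reuse of one persistent server connection. The variable names and defaults come from the message; the function names, the exact comparison operators and the request timestamps are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Limits:
    # Names and defaults as given in the message; times are in seconds.
    server_idle_timeout: float = 45.0      # (1) serverIdleTimeout
    max_connection_requests: int = 400     # (2) maxConnectionRequests
    max_connection_age: float = 21 * 60.0  # (3) maxConnectionAge

def retire_reason(limits, opened_at, last_used_at, served, now):
    """Return which limit forbids reusing the connection at `now`, or None.
    Assumption: strict '>' for the two timers, '>=' for the request count."""
    if now - last_used_at > limits.server_idle_timeout:
        return "idle"
    if served >= limits.max_connection_requests:
        return "requests"
    if now - opened_at > limits.max_connection_age:
        return "age"
    return None

def simulate(limits, request_times):
    """Replay constructed request timestamps against a single server.
    Returns (requests_served, reason) for every connection that was retired;
    the connection still open at the end of the replay is not listed."""
    retired = []
    opened_at = last_used = None
    served = 0
    for t in request_times:
        if opened_at is not None:
            reason = retire_reason(limits, opened_at, last_used, served, t)
            if reason:
                retired.append((served, reason))
                opened_at = None
        if opened_at is None:
            opened_at, served = t, 0  # open a fresh connection
        served += 1
        last_used = t
    return retired

if __name__ == "__main__":
    busy = range(0, 3000, 2)    # constructed: one request every 2 s
    slow = range(0, 3000, 10)   # constructed: one request every 10 s
    print("busy, defaults:", simulate(Limits(), busy))
    print("slow, defaults:", simulate(Limits(), slow))
    print("slow, tighter :", simulate(Limits(45.0, 20, 120.0), slow))
```

With the defaults, a busy stream is cut by the request count and a slow but steady stream by the age limit; the idle timeout only applies once traffic to that server pauses.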