Jan Weiher writes: > Hi, > I don't understand, too and in my opinion, this is utter nonsense. I'm > not aware of any negative impacts on privacy due to the usage of > https://,
Session resumption can be used to recognize an individual browser that connects from different IP addresses, or even over Tor. This kind of recognition can be perfect because the resumption involves a session key which is large, random, and could not legitimately have been known to any other browser. :-( > but without, there is the danger of eavesdropping at the exit > node. Definitely. -- Seth Schoen Senior Staff Technologist sch...@eff.org Electronic Frontier Foundation https://www.eff.org/ 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
