Security/Anonymous Browsing: Difference between revisions

Jump to navigation Jump to search

Security/Anonymous Browsing (view source)

Revision as of 10:28, 26 June 2010

615 bytes added ,  26 June 2010
→‎SSL
Line 123: Line 123:


==SSL==
==SSL==
SSL certs, etc.
 
The SSL Layer currently exposes a few different pieces of identifying information that would need to be altered while the user is in anonymous browsing mode. Stored client certificates must be disabled during the mode. All current SSL session identifiers must be cleared upon entering the mode.
 
Stored server and CA certificates may also need to be optionally disabled, though this should be left to user preference.
 
Finally, the SSL handshake also contains a timestamp from the client. A small random, per-domain offset could be added to it, but since it is already truncated to the second, this may not be terribly important.


==Form Fill==
==Form Fill==
Mikeperry
70

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/233937"

Navigation menu