--- Juliusz Chroboczek <[EMAIL PROTECTED]> wrote: >> (1) use a smaller timeout for idle connections; >> (2) shut down a connection after some number of >> serviced requets; >> (3) shut down a connection after it's been used >> for some time. > > I for one would like to see (1) and (3) > implemented as > I tend to agree with Roger. > >> Sigh. Here I am, brain the size of a planet, and >> they're asking me to implement timeouts.
wow. You must have a big head! (in more ways than one). How do get hats that fit? ;-) >> I've done all three, Great, thanks >> for the paranoid among you. Well, we are talking about Tor... >> Since I don't believe in this particular threat You may be correct, I see both points of view. But, may I say that it shows character for you to do this even though you think it's a waste. > Another possible anonymity threat is when a Tor > > user routing through Polipo passes the NEWNYM > signal to Tor. This signal makes Tor use a new > (clean) circut for new connections. > >> Ahem... you're expecting to get a new persona >> without flushing Polipo's cache, your browser's >> cookies and your browser's cache? No, I didn't say that. But IMHO having Polipo shutdown connections when a NEWNYM signal is sent may be one part of the puzzle. >> Could Polipo be made to listen for the NEWNYM >> signal passed to Tor? > > There's no need for that -- whoever is sending the > NEWNYM signal should restart both the web browser > and Polipo. Well, that would not be very efficient as I have been known to use NEWNYM many times in a single on-line session. I agree however that the browser should be purged of session data like cookies, cache, etc as should Polipo's cache be cleared when sending the NEWNYM signal...especially if staying on the same host. Regards, __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
