|
@@ -1193,8 +1193,12 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
|
|
|
/* Disable TLS tickets if they're supported. We never want to use them;
|
|
|
* using them can make our perfect forward secrecy a little worse, *and*
|
|
|
* create an opportunity to fingerprint us (since it's unusual to use them
|
|
|
- * with TLS sessions turned off). Clients need to advertise support for
|
|
|
- * them, though to avoid a TLS distinguishability vector.
|
|
|
+ * with TLS sessions turned off).
|
|
|
+ *
|
|
|
+ * In 0.2.4, clients advertise support for them, though to avoid a TLS
|
|
|
+ * distinguishability vector. This can give us worse PFS, though, if we
|
|
|
+ * get a server that doesn't set SSL_OP_NO_TICKET. With luck, there will
|
|
|
+ * be few such servers by the time 0.2.4 is more stable.
|
|
|
*/
|
|
|
#ifdef SSL_OP_NO_TICKET
|
|
|
if (! is_client) {
|