Delivery-Date: Fri, 20 Jun 2014 04:27:43 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by moria.seul.org (Postfix) with ESMTPS id A99051E0C39
	for <archiver@seul.org>; Fri, 20 Jun 2014 04:27:41 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id D881E2FF61;
	Fri, 20 Jun 2014 08:27:37 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id C386D2FE14
 for <tor-talk@lists.torproject.org>; Fri, 20 Jun 2014 08:15:59 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id z_5oM58Cn5Tt for <tor-talk@lists.torproject.org>;
 Fri, 20 Jun 2014 08:15:59 +0000 (UTC)
Received: from bilestoad.getfoxyproxy.org (bilestoad.getfoxyproxy.org
 [162.243.99.25])
 by eugeni.torproject.org (Postfix) with ESMTP id AA9BF2FB0E
 for <tor-talk@lists.torproject.org>; Fri, 20 Jun 2014 08:15:59 +0000 (UTC)
Received: from [0.0.0.0] (tor.pm-ib.de [83.133.106.73])
 by bilestoad.getfoxyproxy.org (Postfix) with ESMTPSA id CEF2F1229E2
 for <tor-talk@lists.torproject.org>; Fri, 20 Jun 2014 08:15:54 +0000 (UTC)
Message-ID: <53A3ED9E.2080206@torproject.org>
Date: Fri, 20 Jun 2014 08:15:26 +0000
From: Georg Koppen <gk@torproject.org>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <53A30C94.1080506@gmx.com> <53A33139.7050405@torproject.org>
 <53A3634D.4010101@gmail.com>
In-Reply-To: <53A3634D.4010101@gmail.com>
Subject: Re: [tor-talk] Should DOM storage really be enabled by default in
 TorBrowser?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============2764815157125273228=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============2764815157125273228==
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="PNPmIIBdXegHuSvHToOhQox6TMfMuTbOh"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--PNPmIIBdXegHuSvHToOhQox6TMfMuTbOh
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Aymeric Vitte:
>=20
> Le 19/06/2014 20:51, Georg Koppen a =E9crit :
>> DOM Storage in Tor Browser does not save state to disc.
>=20
> So it's there until you close your browser, that's far enough to track
> you and expose you.
>=20
>>   And it is bound
>> to the URL bar domain (see design document).
>=20
> That's not specific to DOM storage, it just follows the same origin
> policy like all W3C/WHATWG APIs

That holds for the one in a vanilla Firefox, yes. But not for the one we
ship. You should really read our design document and look at the commit
in my other mail.

Georg



--PNPmIIBdXegHuSvHToOhQox6TMfMuTbOh
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJTo+2lAAoJEOgtYV2sOoIdViQQAItPcyVnGlJpPpwFM1vEyP+G
bFgYVsT3STZb2/2wvko1yoed922SLdVDbQsoKuGsfP1gtkqFG17hitfQKIZzFsRF
R85Yk9357ICq9JF4eF1pHUOKKmH5virW3Nc+Ebdcmf+zO3oZU5rA9RQrvUVo8CJi
o1yREdvsxLfeN6QN1eX+6QlwPh0UOQHXGDs4QnkGFg0APjEAgEaxz12RScYVmYWR
iBluhG47wL1a6qsqC+OLM0OKNA2cA6ZiPgV+wN9flPoPtF6RrYDf5V+ToEmJBjrk
yg0a3HKda+e2F4z+EQFaJStR6E1Hg5ml8UvpYtC9ZPKjo5vyGNO6+r8GDRdB3TOU
alcj5O5GzhjZr+m84NKa9tvf6EdcuOIpE3Map08Bo02RVdDbkQ39mNBRvwaaMWm4
QDOm4hqGi2Q3qURBPIztMpLwOP/ykti2VLAtaKU/8+A7ZEU1gicHMG2NJC6Jxn2H
QAA33E+9OU0UGpJnZyfp4HMBKIWYuqSxHz0oFWj4Q+NIqz68cUD15iiss4Ee8t9v
L11X4a8uT9BHn+WCz7mlBMBXaOestGlDmoYGcsdKThgXKF4Z3h8UizyMknKX6Nyv
fSHI/1E7kh1+1ORAPayaOleUTu40EGfBXEWCtZiKPCFju12zeV4JlqmjQoMVjOSp
p+2Aiz1wNVRhM6o+bhCX
=wWBQ
-----END PGP SIGNATURE-----

--PNPmIIBdXegHuSvHToOhQox6TMfMuTbOh--

--===============2764815157125273228==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============2764815157125273228==--

