The concept is simple. If an online advertising firm loads ads via a TLS (HTTPS) server, then it can enable TLS Session Resumption for that server.
When a user access Website A showing ads from the advertising firm, it also establishes a TLS session with the advertising firm's server. When the user visits Website B with ads from the same firm, instead of negotiating another TLS session, the user resumes the existing one, allowing the advertising firm to track the user as he moves across sites.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum