1gb+ files in cert-revocations folder, can i clean ? ( filter.stash )

I use tor browser (firefox based).
And in directory TorBrowser\Data\Browser\Caches<profile_name>\settings\security-state\cert-revocations

I have now 1139 files named 20240312-3-filter.stash with changed date, it represents 1.08gb in size.

My question is, is it safe to remove those files ?

I cannot find any answer to that question on google/reddit

What is your OS? And yes, you can just delete them

As far as these files go, AFAICT, these shouldn’t even exist. They are part of the older structure for CRLite. And CRLite isn’t used in Tor Browser by default. FYI, my current Firefox (123) uses a single crlite.filter and crlite.stash

If you open about:config, what are the values of

  • security.remote_settings.crlite_filters.enabled (should be false)
  • security.pki.crlite_mode (should be 0)

Reset them if they are modified (if it’s modified you will see a reset arrow symbol on the right hand side)


1 Like

Thank you very much for your post

Now i understand what those files are, and this is linked to TLS/HTTPS ; also the whole crl concept seem counterproductive when navigating on the kind of websites im going on.

I am using a custom user.js file, and it had some good stuff in it but also had:
user_pref(“security.remote_settings.crlite_filters.enabled”, true);
user_pref(“security.pki.crlite_mode”, 2);

I will remove that from user.js and do the change in about:config, and will clean those file after.

And yes my torbrowser is a bit outdated (i dont wanna tell my version).

Thank you

you shouldn’t be modifying preferences - JS attack templates can fingerprint literally 10k + metrics in about 10-20ms … and you almost certainly be altering your fingerprint. about:config entries are meant for testing and rollouts, not for fiddling with

1 Like

Yes you are right,
using a user.js file was a stupid move

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.