Why aren’t the cache files deleted when Tor is closed, and could they be used to help trace where Tor had been connected to?

There’s a bunch of 'em!

cached-certs
cached-descriptors
cached-descriptors.new
cached-microdesc-consensus
cached-microdescs
cached-microdescs.new

I read about the cached data here.
It’s gibberish to me, but doesn’t seem to address the security question.

1 Answer

These are "hints for the future" for your Tor node: these files will speed up its reintegration into the network when restarted, and some possible malicious node attacks - generally based on MitM techniques - can be prevented, i.e. it's maintaining a "known certificates and keys list". There's nothing bad in deleting them, but nothing good either: 10-20 MB on disk, rarely accessed - it's not so expensive nowadays to just have it "for good".

Alexey Vesnin