[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #28005 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Officially support onions in HTTPS-Everywhere

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #28005 [HTTPS Everywhere/EFF-HTTPS Everywhere]: Officially support onions in HTTPS-Everywhere
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 16 Sep 2019 16:17:02 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 16 Sep 2019 12:17:14 -0400
In-reply-to: <043.0bcfbc80373976fd36dc8f4bbbbefaff@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.0bcfbc80373976fd36dc8f4bbbbefaff@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#28005: Officially support onions in HTTPS-Everywhere
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  legind
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  HTTPS Everywhere/EFF-HTTPS           |        Version:
  Everywhere                                     |
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs https-everywhere tor-ux       |  Actual Points:
  network-team-roadmap-november                  |
Parent ID:  #30029                               |         Points:  20
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor27-must
-------------------------------------------------+-------------------------

Comment (by asn):

 Here are some notes from the plans we made in Stockholm in the meeting
 between
 me, antonela, sysrqb, redshiftzero, geko and dgoulet:

 ----

 Scope of work:
 - First iteration will include onion rules for securedrop websites
   (e.g. `nytimes.securedrop.tor.onion -> nyttips4bmquxfzw.onion`)
 - Need to add a toolbar button in the ffox UI to show that a redirect
 happened
 - Rewrite URL in URL bar (only show the human-readable url)
 - Add support for viewing rulesets (?)
 - See how update channels work and whether we should disable them or not.

 Out of scope:
 - First iteration will not allow people to easily add their own rules

 TLD scheme:
 - Three options for tld scheme:

   a) nytimes.securedrop.onion   (ambiguous and probably unsafe)
   b) nytimes.securedrop.tor.onion   (safe but bad UX)
   c) nytimes.securedrop.tor    (good UX but DNS leaks in other browsers)

   We decided to ditch (a) from our options and do either (b) or (c). (b)
 is the
   safest and we should probably roll with that (?).

 FPF plan:
 - FPF will change their securedrop directory to include ".tor.onion" links
 for
   their various instances.

 Metadata:
 - 3 months of work are enough

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28005#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #31071 [Metrics/ExoneraTor]: Add a notice if we're missing data for a lookup
Next by Author: Re: [tor-bugs] #31303 [Applications/Tor Browser]: Browser Toolboxfails to open when tor-launcher is present
Previous by thread: Re: [tor-bugs] #31758 [Internal Services/Tor Sysadmin Team]: upgrade postfix configurations to stretch/buster
Next by thread: Re: [tor-bugs] #10416 [Core Tor/Tor]: Tor won't start on Windows when path contains non-ascii characters
Index(es):
- Author
- Thread