[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
From: Michael Wolf <mikewolf@xxxxxxxxxx>
Date: Wed, 14 May 2014 07:14:21 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 14 May 2014 07:26:17 -0400
In-reply-to: <5372C283.9070107@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Openpgp: id=CA6A1F17
References: <530E784E.4010004@xxxxxxxxxx> <5372A9AD.6030405@xxxxxxxxxx> <5372BE10.90404@xxxxxxxxxx> <5372C283.9070107@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0

On 5/13/2014 9:10 PM, Patrick Schleizer wrote:
> Sounds good!
> 
> Should some.clearnet.domain/some/thing send
> 
> X-Onion-Address: xxx.onion/some/thing
> or
> X-Onion-Address: xxx.onion
> ?

I think the xxx.onion is sufficient.  We're simply telling the client
that the site is available at another location.  Perhaps there are cases
where additional data would be required (site is in a subdirectory of
the .onion domain?), but I haven't really thought about it.

> And vice versa, should .onion addresses send a HTTP header
> `X-Clearnet-Address`?

I don't see any advantage to doing this.

> To do it right, should it also support parameters that HSTS supports,
> such as max-age=15768000 / includeSubdomains?

I can see max-age being useful; includeSubdomains, probably not.

> Can we implement that header already today or would changes in apache be
> required?

Apache, lighttpd, and nginx all support custom headers with simple
changes to their respective configuration files.  I would suggest coming
up with a better name for the header though; I believe the `X-` prefix
is no longer favored, but I don't remember the actual preferences.

-- Mike
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
  - From: Patrick Schleizer

References:
- [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
  - From: Patrick Schleizer
- Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
  - From: Michael Wolf
- Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
  - From: Patrick Schleizer

Prev by Author: Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
Next by Author: Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
Previous by thread: Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
Next by thread: Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion
Index(es):
- Author
- Thread