[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser

Subject: Re: [tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 09 Jun 2017 07:50:24 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 09 Jun 2017 03:50:37 -0400
In-reply-to: <051.f0e37f08c25c1d9371c5d208a4a9a65e@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.f0e37f08c25c1d9371c5d208a4a9a65e@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21321: .onion HTTP is shown as non-secure in Tor Browser
----------------------------------------------+--------------------------
 Reporter:  cypherpunks                       |          Owner:  tbb-team
     Type:  task                              |         Status:  new
 Priority:  High                              |      Milestone:
Component:  Applications/Tor Browser          |        Version:
 Severity:  Major                             |     Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+--------------------------

Comment (by gk):

 I am not sure yet about how to deal with the various security indicators
 in the browser UI (like padlock icon) but it seems to me we could make
 sure that the scary password field warning does not show up anymore when
 being on an HTTP .onion site. Even if we might disagree about how secure
 exactly that mode is I feel it is sufficiently secure that the warning
 against plain-HTTP password fields is not warranted. Does that sound like
 a reasonable start?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21321#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #19982 [Core Tor/Tor]: Remove all openssl calls outside of crypto*.c, tortls*.c
Next by Author: Re: [tor-bugs] #22581 [Applications/Tor Browser]: Tor browser is crashing on exit on Windows
Previous by thread: Re: [tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser
Next by thread: Re: [tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser
Index(es):
- Author
- Thread