[tor-bugs] #21361 [Applications/Tor Browser]: Enable browser APIs only allowed in secure contexts for NG HS
#21361: Enable browser APIs only allowed in secure contexts for NG HS
------------------------------------------+----------------------
Reporter: legind | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
Next Generation Hidden Services provide vastly improved protection against
brute-force attacks than even many TLS certificates. Currently, hidden
services can only utilize browser APIs which require secure context
https://www.w3.org/TR/secure-contexts/ if they are provided over HTTPS.
The CA/Browser forum has allowed for Extended Validation HTTPS
certificates to be issued for .onion addresses
https://cabforum.org/2015/02/18/ballot-144-validation-rules-dot-onion-names/,
but this both a) requires deanonymization of the HS to comply with
the EV requirements, and b) is often prohibitively expensive.

Explicitly allowing browser APIs for onion addresses which are only
allowed in secure contexts, even if they are not provided over HTTPS,
would fix this. It's important to note that the APIs which are allowed
only in secure contexts have this restriction often because they are
releasing personally identifiable information about the end user (such as
location), but this is not necessarily the case. This obviously does not
supersede the scrutiny individually applied to the various APIs wrt their
privacy implications, which is quite a separate consideration.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21361>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
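
The change requested in this ticket, sketched as an added example (not Tor Browser or Firefox code): a simplified version of the Secure Contexts "potentially trustworthy" URL check with an opt-in exception for next-generation onion hosts. The `allowOnion` option, the function names and the sample addresses are assumptions for illustration; the host check only tests the 56-character base32 form of a next-generation address and does not verify its checksum.

```javascript
// Added example: simplified "potentially trustworthy" check with a
// hypothetical exception for next-generation (v3) onion hosts.
const V3_ONION_LABEL = /^[a-z2-7]{56}$/; // 56 base32 chars; checksum not verified

// Constructed sample hosts, not real services.
const SAMPLE_V3 = "a".repeat(56) + ".onion";
const SAMPLE_V2 = "b".repeat(16) + ".onion"; // legacy 16-character form

function isNextGenOnionHost(hostname) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  // "onion" must be the top-level label, so "<addr>.onion.example.com" fails.
  if (labels.length < 2 || labels.pop() !== "onion") return false;
  // Subdomains are fine; the label directly left of "onion" is the address.
  return V3_ONION_LABEL.test(labels.pop());
}

function isLoopbackHost(hostname) {
  return hostname === "localhost" || hostname.endsWith(".localhost") ||
         /^127(\.\d{1,3}){3}$/.test(hostname) || hostname === "[::1]";
}

// allowOnion = false models current behaviour; true models the ticket's request.
function isPotentiallyTrustworthy(urlString, { allowOnion = false } = {}) {
  let url;
  try {
    url = new URL(urlString);
  } catch {
    return false; // unparsable input is never trustworthy
  }
  if (url.protocol === "https:" || url.protocol === "wss:") return true;
  if (url.protocol !== "http:" && url.protocol !== "ws:") return false;
  if (isLoopbackHost(url.hostname)) return true;
  return allowOnion && isNextGenOnionHost(url.hostname);
}
```

Passing this check only makes an origin eligible for secure-context APIs; per-API privacy review, as the ticket notes, remains a separate decision.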