[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Any risks with another application using Tor's SOCKS 5 interface?


James Marshall:
> Thanks for the link to TBB's design document-- very useful.  I haven't read
> it all, but I'm looking at section 2.2, "Privacy Requirements":
> 1) "Cross-Origin Identifier Unlinkability"-- so do sites with CORS or
> Content-Security-Policy: not work through Tor?  CGIProxy supports CSP but
> not CORS yet; I could add a flag to disable those two technologies.

they are working. In a privacy-preserving way. See:
for a more in-depth explanation what is meant by this and for the state
of the implementation + what is missing. (You might want to look at
section 4.6 as well as identifiers are not the only issue here.)


Attachment: signature.asc
Description: OpenPGP digital signature

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to