
Re: [tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion

On 5/13/2014 9:10 PM, Patrick Schleizer wrote:
> Sounds good!
> Should some.clearnet.domain/some/thing send
> X-Onion-Address: xxx.onion/some/thing
> or
> X-Onion-Address: xxx.onion
> ?

I think the xxx.onion is sufficient.  We're simply telling the client
that the site is available at another location.  Perhaps there are cases
where additional data would be required (site is in a subdirectory of
the .onion domain?), but I haven't really thought about it.

> And vice versa, should .onion addresses send an HTTP header
> `X-Clearnet-Address`?

I don't see any advantage to doing this.

> To do it right, should it also support parameters that HSTS supports,
> such as max-age=15768000 / includeSubdomains?

I can see max-age being useful; includeSubdomains, probably not.

> Can we implement that header already today or would changes in Apache be
> required?

Apache, lighttpd, and nginx all support custom headers with simple
changes to their respective configuration files.  I would suggest coming
up with a better name for the header though; I believe the `X-` prefix
is no longer favored, but I don't remember the actual preferences.

-- Mike
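
Added example (not part of the original message or of any Tor project code): a sketch of how a client could handle the header discussed above, honoring it only on HTTPS responses as HSTS does, accepting a bare .onion host, and expiring the mapping after max-age. The header syntax `<host>.onion; max-age=<seconds>`, the names `parseOnionHeader` and `OnionCache`, and the sample address are assumptions made for illustration.

```javascript
// Assumed syntax (not defined in the thread): "<host>.onion[; max-age=<seconds>]".
// Bare host only: 16-char (v2) or 56-char (v3) base32 label, no path or port.
const ONION_HOST = /^(?:[a-z2-7]{16}|[a-z2-7]{56})\.onion$/;

function parseOnionHeader(value) {
  const [rawHost, ...params] = value.split(';').map(s => s.trim());
  const host = rawHost.toLowerCase();
  if (!ONION_HOST.test(host)) return null; // rejects "xxx.onion/some/thing" and junk
  let maxAge = 0; // assumption: a missing max-age means "do not remember"
  for (const p of params) {
    const m = /^max-age=(\d+)$/i.exec(p);
    if (m) maxAge = Number(m[1]);
    // any other directive (e.g. includeSubdomains) is ignored
  }
  return { onion: host, maxAge };
}

class OnionCache {
  constructor() { this.entries = new Map(); } // clearnet hostname -> {onion, expires}

  // Record a header value seen on the response for `url`; `now` is in milliseconds.
  observe(url, headerValue, now = Date.now()) {
    const u = new URL(url);
    // As with HSTS, ignore the header on plain HTTP, where anyone on the
    // network path could have injected or altered it.
    if (u.protocol !== 'https:') return false;
    const parsed = parseOnionHeader(headerValue);
    if (!parsed) return false;
    if (parsed.maxAge === 0) {            // mirrors HSTS: max-age=0 forgets the host
      this.entries.delete(u.hostname);
      return true;
    }
    this.entries.set(u.hostname, { onion: parsed.onion, expires: now + parsed.maxAge * 1000 });
    return true;
  }

  // Return the .onion URL for `url`, carrying over path and query, or null.
  rewrite(url, now = Date.now()) {
    const u = new URL(url);
    const e = this.entries.get(u.hostname);
    if (!e || e.expires <= now) return null;
    // Assumption: the onion service is reached over plain http inside Tor.
    return `http://${e.onion}${u.pathname}${u.search}`;
  }
}
```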