[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] alt-svc supported by TBB
On 2018-09-18 14:33, Dave Warren wrote:
On 2018-09-18 13:33, nusenu wrote:
Can anyone confirm if the current release of TBB supports alt-svc?
I'm testing the Cloudflare alt-svc .onion beta project and I do see
the alt-svc header, but I'm trying to determine whether TBB is
actually using it or not. It seems like not, given that the website
can see a tor exit IP in the Cloudflare headers (I wouldn't expect
this since subsequent requests should be delivered over a .onion
TorBrowser is supposed to support alt-svc since version 8 but
we have had mixed results when testing it
Using the test page at https://perfectoid.space/test.php I get either
red or yellow exclusively, no amount of refreshing and/or changing
circuits seems to get green which confirms my own testing on a site I
operate that is participating in the beta.
I've been monkeying around a bit, and I can sometimes get this to work,
but very infrequently. It feels like if I open a tunnel to each of their
.onion addresses first then it increases the odds although I'm not sure
if this makes sense since a new hostname (the test site vs their .onion
addresses) should result in a new tunnel anyway.
And maybe this is just a limitation of the test site (although I don't
think so), but it seems that Cloudflare fails to notice many IPv6 exits,
whereas IPv4 exits usually get the country "T1" (meaning Cloudflare
knows this is a Tor exit and adds the Alt-Svc header).
Unfortunately the reliability doesn't seem to be here enough to try and
achieve Cloudflare's stated goals, but hopefully this is just an early
attempt and not the end of the road. On the flip side, maybe it is
working a little more than it appears since I'm not seeing CAPTCHAs when
using TBB 8, but I am from a second machine running TBB 7.
One final note: Are there any other Cloudflare users on the Free or Pro
plans? If so, could you go check if Onion Routing was enabled for you?
Their blog says it is enabled by default, but it is disabled on two of
my three sites -- Maybe this is due to being part of the beta though, I
did manually enable it on that third site and maybe that precluded it
from being enabled on my other two?
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to