[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #21952 [Webpages]: .Onion everywhere?: increasing the use of onion services through automatic redirects and aliasing
#21952: .Onion everywhere?: increasing the use of onion services through automatic
redirects and aliasing
----------------------+--------------------------
Reporter: linda | Owner: linda
Type: project | Status: reopened
Priority: Medium | Milestone:
Component: Webpages | Version:
Severity: Normal | Resolution:
Keywords: ux-team | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------+--------------------------
Comment (by arthuredelstein):
Replying to [comment:31 tom]:
> Now there is one wrinkle in my idea. Alt-Svc is delivered once, and then
the client remembers it and uses it the next time. (Optionally it uses it
the first time too, but that gains us no security.) Remembering means
state. State means tracking.
Generally speaking, Tor Browser wipes all state after every session. (We
should check that that is true for Alt-Svc.) And as Mozilla has already
kindly implemented [https://bugzilla.mozilla.org/show_bug.cgi?id=1334690
first-party isolation for Alt-Svc], I think it won't be usable for
tracking.
Replying to [comment:35 alecmuffett]:
> Great. I posted a long and friendly explanation, and Trac swallowed it
because it wanted email verification.
> 2) issuing AltSvc headers makes no sense unless the client is coming
from an exit node, so if you want people to adopt that solution then you
need to make it really cheap for sites to check if a client is an exit
node
The client could also somehow indicate in the HTTP request that it
supports onions.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21952#comment:38>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs