[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services
#23247: Communicating security expectations for .onion: what to say about different
padlock states for .onion services
-------------------------------------------------+-------------------------
Reporter: isabela | Owner:
| pospeselr
Type: project | Status:
| assigned
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ux-team, tor-hs, | Actual Points:
TorBrowserTeam201805 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by pospeselr):
Ok, I've a (seemingly) full working patch with one little bit of polish
remaining. The Page Info window (at the bottom under **Technical
Details**) for HTTP Onion services indicate that the connection isn't
encrypted, when in fact it is fully end-to-end encrypted by virtue of
going over Tor:
[[Image(https://trac.torproject.org/projects/tor/raw-
attachment/ticket/23247/Page%20Info.png)]]
Here's what an HTTPS Onion has to say:
[[Image(https://trac.torproject.org/projects/tor/raw-
attachment/ticket/23247/Page%20Info%20SSL.png)]]
It's easy enough to add/modify text here, but the question is **what**
text to put here? Preferably something succinct I think (so that it can
be added as an addendum to HTTPS Onion services as well).
Any thoughts on this?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23247#comment:45>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs