[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Hidden Service authorization UI



> In the future "Next Generation Hidden Services" specification there
> are again two ways to do authorization:
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt#l1446
> One way is with a password and the other is with a public key.

A {shared secret,key} and a user specific onion?

>
> I suspect that HS authorization is very rare in the current network,
> and if we believe it's a useful tool, it might be worthwhile to make
> it more useable by people.
>

I've used this feature extensively. I love it.

> For example, it would be interesting if TBB would allow people to
> input a password/pubkey upon visiting a protected HS. Protected HSes
> can be recognized by looking at the "authentication-required" field of
> the HS descriptor. Typing your password on the browser is much more
> useable than editing a config file.

That sounds interesting.

All the best,
Jacob
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev