[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Hidden Service authorization UI



On 11/9/14 8:58 PM, Jacob Appelbaum wrote:
>> For example, it would be interesting if TBB would allow people to
>> input a password/pubkey upon visiting a protected HS. Protected HSes
>> can be recognized by looking at the "authentication-required" field of
>> the HS descriptor. Typing your password on the browser is much more
>> useable than editing a config file.
> That sounds interesting.

Also i love this idea but i would suggest to preserve the copy&paste
self-authenticated URL property of TorHS, also in presence of authorization.

It could be done with a parameter in the URL
http://blahblah.onion/?authTorHBauBauMeowMeow=PASSWORD
Or it could be done with a URL handler httpA://PASSWORD@xxxxxxxxxxxxxx .

That way it will be possible to use such authenticated TorHS by
bookmarking an URL in TBB or by copy/pasting it from a password manager.

-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - http://globaleaks.org - http://tor2web.org - http://ahmia.fi

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev