[tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  ff60-esr
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 These prefs are much more eye grabbing as they display both the broken
 padlock and the "Not Secure" text, which is really important in TB
 context:

 
[[Image(https://web.archive.org/web/20180210095051if_/https://i.stack.imgur.com/lY6e4.jpg)]]

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+---
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:  Sponsor27
--+---
Changes (by pili):

 * sponsor:   => Sponsor27


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by pili):

 * sponsor:  Sponsor27 =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 No feedback from the UX team on this?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by gk):

 Closing #29678 as a duplicate. For Mozilla bugs on that matter, see:
 comment:5:ticket:29678 and comment:6:ticket:29678.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:  #30037| Points:
 Reviewer:|Sponsor:
--+--
Changes (by pili):

 * parent:   => #30037


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Chrome 68 will be released on: July 24th, 2018
 https://www.chromium.org/developers/calendar (which will label as insecure
 all http by default see https://arstechnica.com/information-
 technology/2018/07/despite-chromes-pending-mark-of-shame-3-major-news-
 sites-arent-https/ ) so can we get this for the next alpha as it's only a
 matter of flipping some prefs?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  worksforme
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => worksforme


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 11:19 PM Ticket #24104 (Delay descriptor bandwidth reporting on
 established relays) updated by arma
 Replying to arma: > All the more reason to open the …
 11:18 PM Ticket #26713 (relays should explicitly dirty their descriptors
 on entering/exiting ...) created by arma
 Motivated by the #24104 fixes: Currently Tor notices that it's gone …
 11:05 PM Ticket #26336 (Update tor-browser-settings addon for Fennec 61)
 updated by igt0
 I took a look in what is needed to make it work: 1. jpm[0] generates …
 10:40 PM Ticket #26712 (EVP_PKEY_HKDF not defined in libressl,
 src/lib/crypt_ops/crypto_hkdf.c ...) created by cypherpunks
 9:53 PM Ticket #25204 (Switch security.insecure_connection_* prefs to warn
 users about ...) updated by cypherpunks
 Chrome 68 will be released on: July 24th, 2018 …
 9:47 PM Ticket #26332 (Write up ticket triage process as algorithm or
 flowchart) closed by nickm
 implemented: Oh wait. Even a stopped clock is right 1-2 times per day
 (depending on …
 9:38 PM Ticket #23878 (Attempt rewriting buffers.c in Rust) updated by
 nickm
 Replying to cypherpunks: > Since …
 9:16 PM org/meetings/2018MexicoCity edited by leez
 (diff)
 9:10 PM Ticket #26376 (add cross compiling docs) updated by catalyst
 Status changed
 Thanks for the new documentation! I'm not sure the core team has much
 …
 8:25 PM Ticket #26367 (Consider removing tor2web mode) updated by dgoulet
 Status, Keywords, Milestone changed
 Here it is: https://github.com/torproject/tor/pull/218 Branch: …
 8:17 PM Ticket #18342 (Provide more accurate reverse DNS results) updated
 by karsten
 Status changed
 Alright! Squashed those fixup co

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by ProTipGuyFWIWWeLoveARMA):

 It's finally the day: Today’s the day that Chrome brands plain old HTTP
 “not secure” https://arstechnica.com/gadgets/2018/07/todays-the-day-that-
 chrome-brands-plain-old-http-as-not-secure/

 Can we get this ticket done for the next alpha? :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by cypherpunks):

 * keywords:  ff60-esr => ff60-esr, ux-team


Comment:

 Good idea! Putting ux-team to know what they think.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 If enabled in the next TB stable 8.0 release this would also coincide with
 the time Google enables it as well, and probably Mozilla as well.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:  #30025| Points:
 Reviewer:|Sponsor:
--+--
Changes (by antonela):

 * parent:  #30037 => #30025


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+--
Changes (by pili):

 * parent:  #30025 =>


Comment:

 Ticket is not tagged with sponsor and will not be done for this project

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25204 [Applications/Tor Browser]: Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr

[Tor Bug Tracker & Wiki]

#25204: Switch security.insecure_connection_* prefs to warn users about insecure
HTTP in FF60-esr
--+--
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:
 Keywords:  ff60-esr, ux-team |  Actual Points:
Parent ID:  #30037| Points:
 Reviewer:|Sponsor:
--+--

Comment (by cypherpunks):

 Backport https://bugzilla.mozilla.org/show_bug.cgi?id=1562881

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs