Re: [tor-dev] How to query HS hostname from control port
On 09/05/2016 12:43 AM, meejah wrote: > Could you use ADD_ONION instead? Why are you using the on-disk API if > you don't want to give your thing permission to read those directories? I'll consider it, but I want the onion service to be relatively permanent. It would best if the hostname didn't change every time tor restarted. > I also don't see why you'd give something permission to use the > control-port, but *not* permission to read hostname/private_key > files...? I'd just rather not risk unnecessary exposure of private keys. The software doesn't need the key, so I'm risking compromise just to do private -> public -> hostname, I'd rather query the hostname directly. I'm using cookie authentication and both tor and onions-server have a copy of the cookie file. This way I can set up IPC between them in a more secure manner and they can each run as a separate user. > (p.s. I can't reach http://onions55e7yam27n.onion/) Nothing is online at the moment. I'll make a separate post once everything is ready. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] HTTPS Everywhere
Respected all, Can I know the issues that are currently in https everywhere. -- *Akash Das* *Student Systems Admin* *Indian Institute Of Information Technology* *Sricity* ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] HTTPS Everywhere
On 09/05/2016 12:58 PM, AKASH DAS wrote: > Can I know the issues that are currently in https everywhere. This is the mailing list for Tor development, so you may want to redirect your question to the EFF or some different channel. HTTPS Everywhere has been really smooth for me and I've actually never had an issue with it across many devices and several years. I know that some websites don't handle HTTPS correctly, but that's why the EFF built the tool based on a carefull-managed whitelist. If almost all of your common websites are using HTTPS, then you might even consider enabling the "Block all unencrypted requests" option, but then don't be surprised when your favorite news site no longer loads. The situation is really improving thanks to Let's Encrypt. :) -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] HTTPS Everywhere
On Mon, Sep 05, 2016 at 10:28:26PM +0530, AKASH DAS wrote: > Can I know the issues that are currently in https everywhere. I don't know if this is what you're looking for, but here are some open bug tracker tickets. https://trac.torproject.org/projects/tor/query?status=!closed&component=HTTPS+Everywhere%2FEFF-HTTPS+Everywhere https://trac.torproject.org/projects/tor/query?status=!closed&component=HTTPS+Everywhere%2FHTTPS+Everywhere%3A+Chrome ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] HTTPS Everywhere
If I have to make any patch in the code, do I have to submit it in this mailing list or https-everywhere's mailing list? Just a doubt On Mon, Sep 5, 2016 at 10:35 PM, David Fifield wrote: > On Mon, Sep 05, 2016 at 10:28:26PM +0530, AKASH DAS wrote: > > Can I know the issues that are currently in https everywhere. > > I don't know if this is what you're looking for, but here are some open > bug tracker tickets. > > https://trac.torproject.org/projects/tor/query?status=! > closed&component=HTTPS+Everywhere%2FEFF-HTTPS+Everywhere > https://trac.torproject.org/projects/tor/query?status=! > closed&component=HTTPS+Everywhere%2FHTTPS+Everywhere%3A+Chrome > -- *Akash Das* *Student Systems Admin* *Indian Institute Of Information Technology* *Sricity* ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] HTTPS Everywhere
On 09/05/2016 01:19 PM, AKASH DAS wrote: > If I have to make any patch in the code, do I have to submit it in this > mailing list or https-everywhere's mailing list? Just a doubt What are you trying to patch? If you are trying to add a URL to their whitelist, you don't need to submit a patch as they have a tool for that. Otherwise, I am not certain how they accept git patches. Per convention, please reply below the original message instead of above it. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Re: [tor-dev] How to query HS hostname from control port
On Mon, 5 Sep 2016 09:01:01 -0400 Jesse V wrote: > On 09/05/2016 12:43 AM, meejah wrote: > > Could you use ADD_ONION instead? Why are you using the on-disk API > > if you don't want to give your thing permission to read those > > directories? > > I'll consider it, but I want the onion service to be relatively > permanent. It would best if the hostname didn't change every time tor > restarted. You realize that ADD_ONION supports using an existing private key right? Like this: ADD_ONION RSA1024:[Blob Redacted] Port=80,192.168.1.1:8080 Regards, -- Yawning Angel pgpEl9QFnDfsy.pgp Description: OpenPGP digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Error in javascript:ISSUE#6761
There is an error in the javascript syntax in https-anywhere which the test bypasses. I have issued it in the github link https://github.com/EFForg/https-everywhere/issues/6761. On Mon, Sep 5, 2016 at 10:49 PM, AKASH DAS wrote: > If I have to make any patch in the code, do I have to submit it in this > mailing list or https-everywhere's mailing list? Just a doubt > > On Mon, Sep 5, 2016 at 10:35 PM, David Fifield > wrote: > >> On Mon, Sep 05, 2016 at 10:28:26PM +0530, AKASH DAS wrote: >> > Can I know the issues that are currently in https everywhere. >> >> I don't know if this is what you're looking for, but here are some open >> bug tracker tickets. >> >> https://trac.torproject.org/projects/tor/query?status=!close >> d&component=HTTPS+Everywhere%2FEFF-HTTPS+Everywhere >> https://trac.torproject.org/projects/tor/query?status=!close >> d&component=HTTPS+Everywhere%2FHTTPS+Everywhere%3A+Chrome >> > > > > -- > > *Akash Das* > > *Student Systems Admin* > > *Indian Institute Of Information Technology* > > *Sricity* > -- *Akash Das* *Student Systems Admin* *Indian Institute Of Information Technology* *Sricity* ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
