#28005: Officially support onions in HTTPS-Everywhere -------------------------------------------------+------------------------- Reporter: asn | Owner: legind Type: defect | Status: new Priority: Medium | Milestone: Component: HTTPS Everywhere/EFF-HTTPS | Version: Everywhere | Severity: Normal | Resolution: Keywords: tor-hs https-everywhere tor-ux | Actual Points: network-team-roadmap-november | Parent ID: #30029 | Points: 20 Reviewer: | Sponsor: | Sponsor27-must -------------------------------------------------+-------------------------
Comment (by asn): Here are some notes from the plans we made in Stockholm in the meeting between me, antonela, sysrqb, redshiftzero, geko and dgoulet: ---- Scope of work: - First iteration will include onion rules for securedrop websites (e.g. `nytimes.securedrop.tor.onion -> nyttips4bmquxfzw.onion`) - Need to add a toolbar button in the ffox UI to show that a redirect happened - Rewrite URL in URL bar (only show the human-readable url) - Add support for viewing rulesets (?) - See how update channels work and whether we should disable them or not. Out of scope: - First iteration will not allow people to easily add their own rules TLD scheme: - Three options for tld scheme: a) nytimes.securedrop.onion (ambiguous and probably unsafe) b) nytimes.securedrop.tor.onion (safe but bad UX) c) nytimes.securedrop.tor (good UX but DNS leaks in other browsers) We decided to ditch (a) from our options and do either (b) or (c). (b) is the safest and we should probably roll with that (?). FPF plan: - FPF will change their securedrop directory to include ".tor.onion" links for their various instances. Metadata: - 3 months of work are enough -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28005#comment:9> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs