On Sun, Nov 9, 2014, at 07:50 AM, George Kadianakis wrote: > Hidden Service authorization is a pretty obscure feature of HSes, that > can be quite useful for small-to-medium HSes. ... > For example, it would be interesting if TBB would allow people to > input a password/pubkey upon visiting a protected HS. Protected HSes > can be recognized by looking at the "authentication-required" field of > the HS descriptor. Typing your password on the browser is much more > useable than editing a config file.
We have been working on implementing an OnionShare feature for Orbot, as a plugin/add-on. Since the client and the server are both one simple app, it seems like we could easily implement the HS Authorization feature. Since the goal is to share a file with a small audience, the second "client key" approach seems to be the best, most secure approach to me. Any thoughts? _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev