On Wed, Jul 01, 2020 at 08:35:44PM +0200, juanjo wrote:
Hello,
We all know HTTP2 is faster than HTTP1, the downside for Onion sites is that it requires encrypted connections by default.
Getting TLS certificate validation for onion sites is very hard and impossible for some people.
I wanna ask how Tor Browser behaves if you enable HTTP2 with a self-signed certificate?
I haven't tested it, but I see no reason why Tor Browser would behave differently with respect to invalid TLS certificates over HTTP 1.0/1.1 and h2. I've wanted to test h2c over an onion service connection for a long time now, but I haven't gotten around to it.
Do you get a warning like on a normal website? If so, could TB change this behavior so onion sites can enable HTTP2 easier for faster webpages?
Unless I am missing something critical, your question is essentially another motivation for fixing: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27636 https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/13410
Am I missing something or are you only looking for confirmation?