On 11/9/14 8:58 PM, Jacob Appelbaum wrote:
For example, it would be interesting if TBB would allow people to input a password/pubkey upon visiting a protected HS. Protected HSes can be recognized by looking at the "authentication-required" field of the HS descriptor. Typing your password on the browser is much more useable than editing a config file. That sounds interesting.
Also i love this idea but i would suggest to preserve the copy&paste self-authenticated URL property of TorHS, also in presence of authorization. It could be done with a parameter in the URL http://blahblah.onion/?authTorHBauBauMeowMeow=PASSWORD Or it could be done with a URL handler httpA://PASSWORD@blahblah.onion . That way it will be possible to use such authenticated TorHS by bookmarking an URL in TBB or by copy/pasting it from a password manager. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org - http://ahmia.fi