[tbb-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jun 25 14:22:22 UTC 2017


#21321: .onion HTTP is shown as non-secure in Tor Browser
-------------------------------------------------+-------------------------
 Reporter:  cypherpunks                          |          Owner:  tbb-
                                                 |  team
     Type:  task                                 |         Status:  new
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Blocker                              |     Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team,    |  Actual Points:
  TorBrowserTeam201706                           |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by yawning):

 Replying to [comment:19 mrphs]:
 > I've explained how I think about this issue to some extent on #22545. As
 > someone who directly works with people at immediate risk and as someone
 > with a UX background, I believe this warning has actually become a security
 > issue, as it misleads people into taking a far less secure route.

 How is using a site over Tor through an exit, with a CA-signed TLS cert,
 any less secure than using an `onion` over HTTP?

 > I happen to believe that while debating the security features of 'HTTPS' vs
 > 'HTTP .onion' vs 'HTTPS .onion' is healthy and necessary to have, it's
 > outside of the urgent needs of this ticket.

 No.

 Mozilla and Firefox define "secure enough not to show a warning" as
 "HTTPS with a CA-signed cert".

 The prerequisite to changing the behavior is to present a strong case for
 "they are wrong, and the definition of 'secure enough not to show a
 warning' should be 'HTTP over .onion, *or* HTTPS with a CA-signed cert'",
 where "strong case" is along the lines of "the security properties are at
 least identical, if not better".

 "People get confused" is not a good reason to redefine what secure means,
 as a matter of general principle, and disabling the warnings is redefining
 what secure means.

 (If people think the warning should go away altogether, then they're
 even more wrong.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21321#comment:27>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online