[tbb-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Nov 27 20:27:20 UTC 2017


#23247: Communicating security expectations for .onion: what to say about different
padlock states for .onion services
--------------------------------------+--------------------------
 Reporter:  isabela                   |          Owner:  tbb-team
     Type:  project                   |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  ux-team                   |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by tom):

 More discussion: there are definitely better ways to surface a potential
 misconfiguration to a site admin than an intersitial. A console
 warning/error or (if we want to surface something to UI) a mixed content
 icon.

 There's also the notion of showing different icons for self-signed .onion
 (grey onion?) vs DV-ca-signed .onion (green onion?)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23247#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list