[tbb-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Nov 29 17:31:24 UTC 2017


#23247: Communicating security expectations for .onion: what to say about different
padlock states for .onion services
--------------------------------------+--------------------------
 Reporter:  isabela                   |          Owner:  tbb-team
     Type:  project                   |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  ux-team                   |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by arthuredelstein):

 I think it would be nice to give the user a hint that an onion connection
 is encrypted. Maybe the icon could be a padlock superimposed on an onion?
 Or we could continue to show the padlock but use the word "Onion" instead
 of "Secure".

 Of course, there's the added complication of that the padlock might be
 intended to convey both "encrypted" and "externally authenticated", but
 that model isn't quite the same for onions. I'm not sure how to deal with
 this complication.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23247#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list