[tbb-bugs] #14389 [Core Tor/Tor]: little-t-tor: Provide support for better TBB UI of hidden service client authorization

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Apr 18 11:00:07 UTC 2019

#14389: little-t-tor: Provide support for better TBB UI of hidden service client
 Reporter:  asn                                  |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs, tbb-usability, ux-team, hs-  |  Actual Points:
  auth                                           |
Parent ID:  #30237                               |         Points:  12-22
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor27-must
Changes (by asn):

 * points:   => 12-22


 Here are the tasks that need to happen from the network-team side here:

 - How does TB learn that a page needs client auth? It's likely there is no
 proper way for the TB to learn that a page needs client auth, that won't
 generate a huge log file error dump or extra HSDir queries. This is
 related to comment:15 and comment:27. We should figure out the right
 interface here. This might even be related to the error interface we've
 been discussing in #30022 since there is no standard way to carry errors
 from Tor to TBB right now. (points: 9)

 - Network-team needs to help TB/UX team with the proper UX for v3 client
 auth. This ticket contains mockups and info about v2, but v3 is different.
 In particular, in v3, the client needs to input two keys (x25519/ed25519)
 to Tor for client auth to work, or it can load the keys from a .key file.
 We should figure out how that should work in general. e.g. inputting two
 keys is messy and confusing. perhaps we can unite them into a single
 string? (points: 3)

 - In v3 client auth, clients can generate public keypairs that they pass
 to the onion service. We currently have some super hacky scripts to do
 that (e.g. https://github.com/pastly/python-
 snippits/blob/master/src/tor/x25519-gen.py), but we've been discussing
 writing a proper tor-keygen program to do that. Interfacing (the
 nonexistent) tor-keygen with TB and making the UX will certainly be some
 effort. This might be an optional part of this deliverable for later if we
 have time (points: 10).

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14389#comment:39>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list