[tor-bugs] #14389 [Tor]: Improve TBB UI of hidden service client authorization
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jan 26 21:10:02 UTC 2015
#14389: Improve TBB UI of hidden service client authorization
--------------------+------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.???
Component: Tor | Version:
Keywords: tor-hs | Actual Points:
Parent ID: | Points:
--------------------+------------------------------
The current hidden service spec allows clients to authenticate themselves
using auth-cookies. The future proposal 224 will allow clients to
authenticate using username/password or pubkey.
Currently users have to edit their torrc and add HidServAuth lines for the
hidden services that require authorization. In the future, it would be
nicer if TBB had an interface for users to type in their authorization
credentials.
Tor knows whether an HS needs authorization, because the intro list is
encrypted. Tor would have to somehow transfer this knowledge to TBB, so
that the browser can present a nice UI that the user can fill on the go.
Furthermore, with the future username/password authorization and this UI
improvement, it won't be necessary for people to write on their torrc
which hidden services they visit and what's their auth-cookie.
This is a ticket about finding out what mods need to happen in
little-t-tor, and coordinating the development of this feature.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14389>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list