[tor-bugs] #18759 [Tor]: Extend onion address to include authentication data
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 7 23:09:31 UTC 2016
#18759: Extend onion address to include authentication data
----------------------------------------------------+---------------------
Reporter: twim | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Tor | Version:
Severity: Normal | Resolution:
Keywords: authenticated, hs, rendclient, address | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------------+---------------------
Comment (by arma):
Once upon a time, we expected onion addresses to be of the form x.y.onion,
where we indeed put other things like authentication info in them.
But we abandoned this design when we realized that client applications
like browsers were sending the whole address along in their Host: header,
so putting sensitive things there is going to cause surprises and bad
results.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18759#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list