[tor-bugs] #21361 [Applications/Tor Browser]: Enable browser APIs only allowed in secure contexts for NG HS
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Feb 1 02:42:04 UTC 2017
#21361: Enable browser APIs only allowed in secure contexts for NG HS
------------------------------------------+----------------------
Reporter: legind | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
Next Generation Hidden Services provide vastly improved protection against
brute-force attacks than even many TLS certificates. Currently, hidden
services can only utilize browser APIs which require secure context
https://www.w3.org/TR/secure-contexts/ if they are provided over HTTPS.
The CA/Browser forum has allowed for Extended Validation HTTPS
certificates to be issued for .onion addresses
https://cabforum.org/2015/02/18/ballot-144-validation-rules-dot-onion-
names/, but this both a) requires deanonymization of the HS to comply with
the EV requirements, and b) is often prohibitively expensive.
Explicitly allowing browser APIs for onion addresses which are only
allowed in secure contexts, even if they are not provided over HTTPS,
would fix this. It's important to note that the APIs which are allowed
only in secure contexts have this restriction often because they are
releasing personally identifiable information about the end user (such as
location), but this is not necessarily the case. This obviously does not
supersede the scrutiny individually applied to the various APIs wrt their
privacy implications, which is quite a separate consideration.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21361>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list