[tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 9 07:50:24 UTC 2017


#21321: .onion HTTP is shown as non-secure in Tor Browser
----------------------------------------------+--------------------------
 Reporter:  cypherpunks                       |          Owner:  tbb-team
     Type:  task                              |         Status:  new
 Priority:  High                              |      Milestone:
Component:  Applications/Tor Browser          |        Version:
 Severity:  Major                             |     Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+--------------------------

Comment (by gk):

 I am not sure yet about how to deal with the various security indicators
 in the browser UI (like padlock icon) but it seems to me we could make
 sure that the scary password field warning does not show up anymore when
 being on an HTTP .onion site. Even if we might disagree about how secure
 exactly that mode is I feel it is sufficiently secure that the warning
 against plain-HTTP password fields is not warranted. Does that sound like
 a reasonable start?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21321#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list