[tor-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 9 13:00:46 UTC 2017


#21321: .onion HTTP is shown as non-secure in Tor Browser
----------------------------------------------+--------------------------
 Reporter:  cypherpunks                       |          Owner:  tbb-team
     Type:  task                              |         Status:  new
 Priority:  High                              |      Milestone:
Component:  Applications/Tor Browser          |        Version:
 Severity:  Major                             |     Resolution:
 Keywords:  ff52-esr, tbb-usability, ux-team  |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+--------------------------

Comment (by cypherpunks):

 This is Tor Browser, not Firefox. If you say HTTP .onion or HTTPS .onion
 is insecure, then you need to update your Tor manual and documentation to
 state .onion is dangerous.

 Tor Browser must accept HTTP .onion and HTTPS .onion as safe TLD.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21321#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list