[tor-bugs] #15988 [Applications/Tor Browser]: Update Tor Browser design documentation for 6.5

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Mar 5 11:37:59 UTC 2017 

#15988: Update Tor Browser design documentation for 6.5
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  gk
     Type:  task                                 |         Status:
                                                 |  needs_information
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  GeorgKoppen201702, tbb-spec,         |  Actual Points:
  TorBrowserTeam201703R                          |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by gk):

 * status:  needs_review => needs_information


Comment:

 Replying to [comment:53 mikeperry]:
 > Ok GK, I did a review pass. I made some minor grammar changes and other
 updates.

 Thanks!

 > Please also see the XXX about speculative connections though. I'm not
 sure blocking them actually derives from a design requirement. It's fine
 we did it, but we should make the reasoning clear, and not just specify
 "MUST" it as if it flows from our security and privacy requirements.

 Hm. I am a bit unsure whether I understand your issue here. Blocking them
 does not derive from a design requirement. But doing so is not specified
 as a MUST requirement either. The requirement says
 {{{
 Speculative connections MUST be *isolated* [emphasize mine, G.K.] to the
 URL bar domain.
 }}}
 And that seems to be well within the scope of our design requirements,
 especially if one has speculative connections in mind that originate from
 embedded link-tags.

 Firefox does not send those requests by default if a proxy is configured.
 We don't bother with that and add only a defense-in-depth patch that
 actually would do the isolation to the url bar domain in case Mozilla
 changed their mind or disabling those connections would be buggy.

 So, maybe we'd just need to reword that paragraph to make it less
 confusing?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15988#comment:54>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list