[tor-bugs] #23446 [Applications/Tor Browser]: Write a guidelines documentation for requirements with Tor integration

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Sep 9 18:33:23 UTC 2017

#23446: Write a guidelines documentation for requirements with Tor integration
     Reporter:  cypherpunks               |      Owner:  tbb-team
         Type:  task                      |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
 I heard that one of the discussions in the Montreal meeting was
 "Encouraging Tor integration by third parties" which spawned for me the
 idea that there must be some guidelines documentation the requirements
 that should be met for each use case. For example for browsers (where
 integrating Tor is a goal with Brave in private browsing and it has been
 suggested by the (ex?)-CEO of Mozilla) among the requirements I can think

 1. Having the user agent the same as the Tor Browser (Otherwise
 fingerprinting would be easy).
 2. Stream isolation should be enforced, otherwise a single exit can watch
 all traffic.
 3. First party isolation should be enforced.
 5. ...etc

 Of course there's already the Tor Browser design documentation, but it
 doesn't address this question directly, and more importantly those folks
 don't want to make an alternative Tor Browser, rather just a "Tor mode" to
 their private browsing that can enable true privacy by design.

 What do you think of such an idea?

 Note that this finds its parallel with little-t-tor in another ticket that
 I couldn't find about alternative implementations of the tor client.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23446>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list