[tor-bugs] #14389 [Core Tor/Tor]: little-t-tor: Provide support for better TBB UI of hidden service client authorization

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu May 9 19:02:54 UTC 2019 

#14389: little-t-tor: Provide support for better TBB UI of hidden service client
authorization
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.2.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs, tbb-usability, ux-team, hs-  |  Actual Points:
  auth                                           |
Parent ID:  #30000                               |         Points:  14-24
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor27-must
-------------------------------------------------+-------------------------

Comment (by mcs):

 Replying to [comment:53 asn]:
 > Hey mcs and Kathy. I think the above seems plausible but I would need to
 lookup the code and SOCKS5 spec to see how this is done and whether we
 have enough space. As an alternative (to minimize added functionality)
 could we use the SOCKS username/password that is sent from TB to Tor in
 those control messages?

 We thought about that (and I feel bad that a lot of my suggestions
 potentially give you/dgoulet or other Network Team members more tasks to
 do). The problem is that we need to preserve the existing circuit
 isolation behavior while also adding some kind of request or tab ID. The
 current behavior (as I understand it) is that any unique combination of
 SOCKS5 UNAME and PASSWD will cause a different circuit to be used. And for
 performance reasons we don't want to use a different circuit for each
 browser tab, which means the ID would need to be handled in a special way.
 For example, if I have https://www.torproject.org/ open in one tab and
 https://support.torproject.org/ open in another tab, currently both use
 the same circuit.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14389#comment:54>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list