[tor-dev] UX improvement proposal: Onion auto-redirects using Onion-Location HTTP header
nusenu-lists at riseup.net
Sat Sep 22 19:55:00 UTC 2018
(changed the subject to make clear that this is NOT about Alt-Svc anymore)
I assume this is limited to onions for sites that do not aim for server side location anonymity.
> FYI: the proposal is now the first Tor Browser proposal:
in the light of the fact that this proposal has been started before
Tor Browser 8 with Alt-Svc support for .onions was a thing (and CF jumping on it )
I'm wondering how you think about it compared to what benefits Alt-Svc provides
over what Onion-Location provides?
Are you unsatisfied with what RFC 7838 - HTTP Alternative Services
provides or is "onion address is displayed in URL bar" one of your goals/requirements of this proposal?
Although Alt-Svc does not work reliably _yet_ and the UI part is missing 
I find it addresses some rather important issues that 'Onion-Location' does not:
- users get the transport security benefits of .onions without Tor Browser displaying
hard/impossible to remember/recognize randomly looking strings.
Long randomly looking strings in the domain part of the URL that would probably
confuse many users and make it harder to answer the question "Am I still on the page I want to be?"
(I consider it a major UX improvement that you can display the non
.onion domain name while the traffic actually goes to the .onion)
- users will use onions transparently
without asking them questions they probably don't understand or don't want
to be bothered with everytime they visit a website 
I believe asking fewer questions, safe defaults and configuration options for advanced users
are some reasonable goals.
- it solves the ".onions can't get DV certs (yet)" issue
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the tor-dev