[tor-talk] Implement JSONP interface for check.torproject.org
Collin Anderson
collin at averysmallbird.com
Mon Nov 7 02:36:15 UTC 2011
Tor would not be validating the nature or security of the hosted site,
rather the JSON would be confirming attributes of the visitor. I cannot
imagine many scenarios where a malicious party stands to benefit from
forging these credentials -- or for that matter a manner where they could
not fake a confirmation themselves without using the API.
On Sun, Nov 6, 2011 at 9:13 PM, Andrew Lewman <andrew at torproject.org> wrote:
> On Sunday, November 06, 2011 11:00:08 Fabio Pietrosanti (naif) wrote:
> > Let's support that AccessNow https://www.accessnow.org/ would like to
> > implement the privacybadge web widget, they have several options:
>
> A word of caution about privacy badges, learning the history of TRUSTe is
> relevant, https://secure.wikimedia.org/wikipedia/en/wiki/TRUSTe#History.
>
> Research shows that sites with the TRUSTe seal are the least likely to
> honor
> what you think of as privacy, http://www.benedelman.org/news/092506-1.html
> .
>
> --
> Andrew
> pgp 0x74ED336B
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
--
*Collin David Anderson*
averysmallbird.com | @cda | Washington, D.C.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20111106/c0e3b42f/attachment.html>
More information about the tor-talk
mailing list