[tor-talk] darkweb-everywhere - was: Using HTTPS Everywhere to redirect to .onion

Mike Cardwell tor at lists.grepular.com
Wed May 14 08:23:30 UTC 2014


* on the Tue, May 13, 2014 at 08:51:28PM -0400, Michael Wolf wrote:

>> darkweb-everywhere
>> 
>> "HTTPS Everywhere rulesets for hidden services and eepsites."
>> 
>> https://github.com/chris-barry/darkweb-everywhere
>> 
> 
> I had an idea recently that might be an improvement (or might not?) on
> the darkweb-everywhere concept.  What if we introduced an HTTP header
> similar to HSTS -- `X-Onion-Address` perhaps -- which could be sent by
> sites that wished to advertise their .onion address?  Just like HSTS,
> the header would only be acted upon if received over HTTPS (we don't
> want malicious parties injecting headers and redirecting people).
> Future versions of TBB could perhaps automatically redirect users to the
> .onion site when this header is present, or perhaps prompt users to
> inform them of the hidden service.

I would prefer it if the people who run websites with hidden service
alternatives would simply check if the client IP is a Tor exit node,
and then advertise the availability of the hidden service to such
users inside the actual website.

This wouldn't be that difficult either. We have the Tor DNSEL, and
there are also a few Apache modules which allow you to perform DNSBL
style lookups on the client IP and perform different actions based on
the result, such as setting environment variables/headers etc.

-- 
Mike Cardwell  https://grepular.com https://emailprivacytester.com
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3   B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1   BF1B 295C 3C78 3EF1 46B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 598 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140514/9c7f6f60/attachment.sig>


More information about the tor-talk mailing list