[tbb-bugs] #21321 [Applications/Tor Browser]: .onion HTTP is shown as non-secure in Tor Browser
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jul 2 17:38:45 UTC 2017
#21321: .onion HTTP is shown as non-secure in Tor Browser
-------------------------------------------------+-------------------------
Reporter: cypherpunks | Owner: tbb-
| team
Type: task | Status: new
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Blocker | Resolution:
Keywords: ff52-esr, tbb-usability, ux-team, | Actual Points:
TorBrowserTeam201706 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by asn):
Replying to [comment:34 linda]:
> Hi, the UX team has reviewed this ticket, and we recommend removing the
warnings as soon as possible and working on messaging thereafter.
>
> I think that there are two problems to solve, 1) the password and
padlock warnings are misleading users, telling them that something is
insecure when it isn't 2) educating users on what secure means. I think
that we can, and should, solve these issues independently. Getting rid of
the warnings will be a much better improvement than leaving them up, even
if there is no explanation.
>
> Of course, it would be good to educate users on why .onion sites are
secure. When we onboard users to Tor, we should mention .onion sites and
other features on first use, and show information on .onion sites when
they first visit an onion website. Additionally, we can also put a message
when you click on or hover over the "secure" indicator (something like
[https://share.riseup.net/#fi-f_QKZqY8pV8Kf0BXR9g this]) that says why
.onion sites are safe, for people who are wondering why it is safe.
>
I think this is a very reasonable course of action. +1
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21321#comment:37>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list