[tor-bugs] #7559 [Flashproxy]: Registration via indirect URL request
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Nov 24 03:24:33 UTC 2012
#7559: Registration via indirect URL request
------------------------+---------------------------------------------------
Reporter: dcf | Owner: dcf
Type: project | Status: new
Priority: normal | Milestone:
Component: Flashproxy | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
The web server on the facilitator should be able to answer requests for
URLs like
http://facilitator.example.com/reg/''GGX4n12cGCjOIQ45...''
Where ''GGX4n12cGCjOIQ45...'' is a base64-encoded encrypted client
registration (as produced by `flashproxy-reg-email` internally) of about
350 bytes. When such a URL is requested, the facilitator should decrypt it
and do the registration.
The idea behind this is that a censored client can use any third-party URL
retrieval service to register on their behalf, if the facilitator is
blocked directly. For example,
1. Client: Dear Mr. [http://validator.w3.org/ W3C Validator], please
validate the page at
http://facilitator.example.com/reg/''GGX4n12cGCjOIQ45...''.
1. The validator requests the URL.
1. The facilitator returns a 204 or empty HTML page, and in the
background makes the registration.
1. Validator: Your page checks out!
We will want a helper program that prints out a facilitator URL which the
client can paste into their favorite URL retrieval service.
This could also become how `flashproxy-reg-http` works, rather than a POST
request.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7559>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list