[tor-bugs] #21952 [User Experience]: Increasing the use of onion services through automatic redirects and aliasing
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Apr 14 21:43:35 UTC 2017
#21952: Increasing the use of onion services through automatic redirects and
aliasing
---------------------------------+-------------------
Reporter: linda | Owner: linda
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: User Experience | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
---------------------------------+-------------------
ilf is experimenting with automatically redirecting Tor users to .onion
versions of websites that they visit (because they want more people to
visit onion sites and they will do so if it is painless to them). But when
users were redirected automatically to an onion site, they freaked out
about it because they didn't know what happened, didn't know what onion
sites were, and the "https" was dropped.
asn and dgoulet also were trying to find a solution to make onion sites
more accessible to use. Specifically, onion addresses are quite long and
random-ish, making them hard to remember and hard to type. There were many
solutions discussed casually to try and resolve this, but none stood out
as a clear winner.
I like the idea of redirecting users to .onion sites automatically when
they type in the websites non-onion address. This way, users don't need to
remember anything else, need to type in anything long, or really even know
what onion sites are.
My suggestion is to follow the https design pattern, and create a similar
indicator for .onion sites.
The proposed solution would be this: when a user types in a website
(pad.riseup.net), they would automatically be redirected to the onion
site. When this happens, there would be an onion icon next to the address
bar (replacing the https lock icon if there is one, or just being there an
https lock icon would be if redirection from an http website), similar to
that of the https lock icon. The address in the address bar can turned a
different color or indicated in some way that this is an alias for the
onion site.
From my observation, people don't mind automatically being redirected to
https sites from http sites, but freak out when redirected from an
http/https site to an onion site. I don't think that this is because
people know what https is and find the idea comforting (although this can
help). I speculate that they don't mind because they don't notice, and the
reason why users freaked out at the redirect to onion sites is that they
saw the website address visibly change in the address bar.
If we want to show users the address of the onion site, we can
additionally have a feature to reveal the onion site when the user clicks
in the address bar. But I don't know how I feel about this, since it may
just be confusing, and just shock the user later. Users don't know that
pad.riseup.net resolves to some numerical IP address, and that isn't
displayed to users. So there could be an argument made for just indicating
that the address is an alisas and not ever showing the .onion address,
either. This will confuse way less of the general population.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21952>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list