[tor-bugs] #15988 [Applications/Tor Browser]: Update Tor Browser design documentation for 6.5
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Mar 2 08:27:09 UTC 2017
#15988: Update Tor Browser design documentation for 6.5
-------------------------------------------------+-------------------------
Reporter: gk | Owner: gk
Type: task | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: GeorgKoppen201702, tbb-spec, | Actual Points:
TorBrowserTeam201703R |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by gk):
Replying to [comment:51 cypherpunks]:
> Well, it's hard to determine whether this spec is about the design goals
or already implemented features only. So, should feedback be about design
decisions or about current features only? Thus, let's start with both.
It's about both in our spec. How can we make that more clear?
> Tor Browser user needs better handling of https sites, because now
> > the fact that he's wrong to think that closed padlock assures 100% of
security.
> https://wiki.mozilla.org/CA:OCSP-HardFail
> > we don't do OCSP fetching for intermediates unless the user configures
several things in about:config.
> https://bugzilla.mozilla.org/show_bug.cgi?id=803582
> > firefox doesn't warn the user if SSL certificate lacks revocation
checking info
> https://bugzilla.mozilla.org/show_bug.cgi?id=496661
I think these things are good ones getting fixed upstream. In which
section in our design document would they fit?
> In the Security Slider section description of Medium Settings mentions
that {{{media.webaudio.enabled}}} is used, but it was removed from the
Firefox codebase long ago.
That's actually not a spec bug (yet) as we are setting this on the medium
level. That said, I opened #21601 to get that fixed.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15988#comment:52>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list