[tor-bugs] #29163 [Applications/Tor Browser]: Add an option or just ignore https+.onion domains

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jan 24 00:02:40 UTC 2019


#29163: Add an option or just ignore https+.onion domains
-----------------------+------------------------------------------
 Reporter:  welkins    |          Owner:  tbb-team
     Type:  task       |         Status:  new
 Priority:  Very High  |      Component:  Applications/Tor Browser
  Version:             |       Severity:  Critical
 Keywords:             |  Actual Points:
Parent ID:             |         Points:
 Reviewer:             |        Sponsor:
-----------------------+------------------------------------------
 Tor Browser:
 .onion domains -> show green onion icon
 .onion with https:// (self-sign/CA signed) -> show green onion+padlock
 icon

 But it shows this:

 Your connection is not secure

 The owner of community.xxxx.onion has configured their website improperly.
 To protect your information from being stolen, Tor Browser has not
 connected to this website.


 .onion + http is already secure, so you should mark .onion+https(signed
 /self-signed with valid time length(not expired)) as secure.



 Why this is so late?
 Where is my donation money go?
 I won't donate my another money if you don't add this in 2019.

 https://community.letsencrypt.org/t/let-s-encrypt-tor-browser-5-5-2/11214
 https://lists.torproject.org/pipermail/tor-talk/2015-August/038812.html

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29163>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list