On Fri, Sep 27, 2019 at 1:35 PM Tom Ritter <t...@ritter.vg> wrote: > > On Mon, 5 Aug 2019 at 18:33, Tom Ritter <t...@ritter.vg> wrote: > > > > On Tue, 2 Jul 2019 at 09:23, Tom Ritter <t...@ritter.vg> wrote: > > > Or... something else? Very interested in what David/asn think since > > > they worked on #30382 ... > > > > I never updated this thread after discussing with people on irc. > > > > So the implementation of > > SOCKS-error-code-for-an-Onion-Service-needs-auth implementation is > > done. David (if I'm summarizing correctly) felt that the SOCKS Error > > code approach may not be the best choice given our desire for > > optimistic data; but felt it was up to the Tor Browser team to decide. > > > > In the goal of something that works for 90%+ of use case today, the > > rest later, I'll propose the following: > > > > In little-t tor, detect if we're connecting to an onion site, and if > > so do not early-report SOCKS connection. > > > > Another ugly option is to early-report a successful SOCKS connection > > even for onion sites, and if we later receive an auth request, send an > > HTTP error code like 407 that we then detect over in the browser and > > use to prompt the user. I don't like this because it is considerably > > more work (I expect), horrible ugly layering violations, and I don't > > think it will work for https://onion links. > > I attached an updated proposal taking this into account, and I'd like > to request it be entered into torspec's proposals list.
Okay! This is now proposal 309. _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
