Sponsor 27

Project Title: Onion Services

Project Period: 4/1/2019 - 3/31/2020

Teams involved:

  • network
  • applications
  • ux

Project Goals/Activities

Objective 1: Enhance onion services and make v3 the default version on Core Tor, so it can scale and be more stable, with the goal of enabling more organizations to adopt it for their users.

Objective 2: Improve the end user experience of onion services with the goal of increasing user adoption and retention.

Project Tracking


Tickets related

Sponsor: Sponsor27 (13 matches)

Ticket Summary Status Owner Keywords Priority
#13747 Block non .onion content on .onion addresses (mixed content blocking) new tbb-team tbb-security, TorBrowserTeam201903 High
#18696 .onion names contain their own validator, we should use that new tbb-team Medium
#19950 Replace Tor Project bookmarks in TBB to their onion service equivalent new tbb-team Medium
#21728 Features that are made "HTTPS-only" should be available on .onion sites as well new tbb-team Medium
#25872 When Clicking more information when visiting a V3 onion some of the buttons are cut off new tbb-team Medium
#27313 Help NoScript marking HTTP .onions as secure new tbb-team Medium
#27395 Refactor the .onion related logic in nsMixedContentBlocker.cpp new tbb-team Medium
#28174 Block non-.onion subresources on .onion websites? new tbb-team Medium
#28478 Enable http2 for .onion without https new tbb-team Medium
#29705 Enable Brotli compression for .onion domains new tbb-team Medium
#29998 Objective 1, Activity 1.2: Adopt OnionBalance features into onion services v3 new network-team-roadmap-2019-Q1Q2 Medium
#29999 Objective 1, Activity 2: Denial of service defences new tor-hs, tor-dos, network-team-roadmap-2019-Q1Q2 Medium
#30200 Potential circuit timeout issues on onion service circuits new tor-hs, reachability, timeouts, network-team-roadmap-2019-Q1Q2 Medium

Sponsor: Sponsor27-can (23 matches)

Ticket Summary Status Owner Keywords Priority
#6418 Drop support for older versions of the hidden service protocol new tor-hs technical-debt deprecation Medium
#15516 Consider rate-limiting INTRODUCE2 cells when under load assigned dgoulet SponsorU-deferred, tor-dos, tor-hs, network-team-roadmap-2019-Q1Q2 Medium
#16059 Add a "rendezvous approver" control API new tor-hs, tor-control, needs-proposal, term-project-ideas tor-dos Medium
#16387 Improve reachability of hidden services on mobile phones new tor-hs, sponsor8-maybe, 034-triage-20180328, 034-removed-20180328 Medium
#17254 Scalable HSes by splitting intro/rendezvous needs_revision TvdW tor-hs multicore scaling tor-dos Medium
#17640 Handle CREATE/CREATED cell processing gracefully under load. assigned yawning tor-hs, scaling, tor-dos, tor-relay Medium
#18098 prop224: Implement tor-genkey tool for offline HS key creation needs_revision haxxpop tor-hs, 040-deferred-20190220 Medium
#20371 Lower HSDir query backoff delay new tor-hs, research, prop224, reachability Medium
#21621 Intro points can get stuck in CIRCUIT_PURPOSE_S_ESTABLISH_INTRO new tor-hs, teor-was-assigned, 034-triage-20180328, 034-removed-20180328 Medium
#22893 prop224: Make intro point per-service and not per-descriptor accepted dgoulet tor-hs, prop224-extra, 034-triage-20180328, 034-removed-20180328 Very High
#23875 Facebook's onion site is a single hop onion, but clicking on the Tor onion icon shows that it is a 6 hop circuit. new tbb-team tbb-circuit-display, ux-team Medium
#24192 When I visit a V3 onion that supplies a invalid certificate, torbrowser will lookup the onion when the get certifice button is clicked new tbb-team High
#25025 Add icon for next-generation onions in the style guide assigned antonela ux-team, tor-hs Low
#25066 Rendezvous points should return signed proof of the established rend point new needs-proposal, 034-triage-20180328, 034-removed-20180328 Medium
#26176 Display .onion services with "mixed" content in circuit display properly new tbb-team tbb-torbutton, tbb-circuit-display Medium
#26322 Circuit display - UI bug - Long v3 name new tbb-team tbb-torbutton, tbb-circuit-display Medium
#26491 Onion+cert UI text is black with Tor Browser 8.0a9 - it should be green new tbb-team ff60-esr, ux-team Medium
#27657 Show .onion icon on Identity drop down? new tbb-team ux-team Medium
#27842 Consider end-to-end introduction ACKs new tor-hs, 034-deferred-20180602 035-removed reachability Medium
#30221 HS performance optimizations of codebase (master ticket) new tor-dos tor-hs refactoring Medium
#30291 Optimize our path selection code new tor-performance tor-hs path-selection refactoring tor-dos Medium
#30440 sendme: Service introduction circuit ignore flow control accepted dgoulet tor-hs, sendme, prop289 Very High
#30466 hs: Do not allow more than one control cell on a circuit assigned neel tor-dos, tor-hs, tor-relay Medium

Sponsor: Sponsor27-must (39 matches)

Ticket Summary Status Owner Keywords Priority
#3733 Tor should abandon rendezvous circuits that cause a client request to time out accepted dgoulet tor-hs, prop224, tor-client, 034-triage-20180328, 034-removed-20180328 Medium
#13410 Disable self-signed certificate warnings when visiting .onion sites reopened tbb-team ux-team Very High
#14389 little-t-tor: Provide support for better TBB UI of hidden service client authorization needs_revision tbb-team tor-hs, tbb-usability, ux-team, hs-auth, network-team-roadmap-2019-Q1Q2 Medium
#19251 TorBrowser might want to have an error page specific to when .onion links fail new tbb-team ux-team Low
#19757 Make a menu to add onion and auth-cookie to TB new tbb-team ux-team, tbb-usability, tor-hs Medium
#21952 .Onion everywhere?: increasing the use of onion services through automatic redirects and aliasing assigned tbb-team ux-team, tor-hs Medium
#23493 IPv6 v3 Onion Services support new v3-onion-service-feature-parity-can, prop224, tor-hs, single-onion, ipv6, 034-triage-20180328, 034-removed-20180328, network-team-roadmap-2019-Q1Q2 Medium
#23545 UX improvement: Tor Browser should handle bogus HSv3 addresses new tbb-team tor-hs, prop224, ux-team, 034-triage-20180328, 034-removed-20180328 Medium
#23764 hs-v3: No live consensus on client with a bridge new dgoulet tor-hs, prop224, technical-debt, 034-triage-20180328, 034-removed-20180328, network-team-roadmap-2019-Q1Q2 High
#24962 Single hop onion service denial of service issues new tor2web, tor-hs, tor-dos, 034-triage-20180328, 034-removed-20180328, network-team-roadmap-2019-Q1Q2 Medium
#24973 Tor should be more gentle when launching dozens of circuits at once needs_information tor-dos, tor-hs, performance, 034-triage-20180328, 034-removed-20180502, network-team-roadmap-2019-Q1Q2 Medium
#25882 clients not detecting stale onion service introduction points assigned dgoulet tor-hs, 034-deferred-20180602 035-removed reachability High
#26294 attacker can force intro point rotation by ddos assigned asn tor-hs, tor-dos, network-team-roadmap-2019-Q1Q2 Medium
#26768 Support onionbalance in HSv3 new tor-hs scaling onionbalance network-team-roadmap-2019-Q1Q2 Medium
#27471 HS intermittently fails: Non-fatal assertion failed in send_introduce1 new dgoulet tor-hs, 035-backport, 034-backport, network-team-roadmap-2019-Q1Q2 Very High
#27502 Prioritize .onion hosts in AltSvc? new tbb-team Medium
#27590 Display .onion alt-svc route in the circuit display new tbb-team tbb-circuit-display, ux-team Medium
#27636 .onion indicator for non-self-signed but non-trusted sites new tbb-team ux-team Medium
#28005 Officially support onions in HTTPS-Everywhere new legind tor-hs https-everywhere tor-ux Medium
#28841 Write tool for onion service health assessment needs_information tor-hs, reachability, research, network-health, network-team-roadmap-2019-Q1Q2 Medium
#28966 HSv3 client auth insufficiently documented (was: HiddenServiceAuthorizeClient incompatible) assigned asn tor-hs, client-auth, hsv3, postfreeze-ok, network-team-roadmap-2019-Q1Q2, 041-should High
#28970 tor_bug_occurred_(): Bug: ../src/or/hs_client.c:624: setup_intro_circ_auth_key: Non-fatal assertion needs_information asn tor-client, tor-hs, postfreeze-ok, 040-unreached-must, network-team-roadmap-2019-Q1Q2, regression?, 041-must High
#29034 circuit: Cleanup an HS circuit when it is being re-purposed assigned dgoulet tor-hs-reachability, 029-backport-maybe, 034-backport-maybe, 035-backport, 040-backport, postfreeze-ok, network-team-roadmap-2019-Q1Q2, 041-should High
#29338 restore HiddenServiceAuthorizeClient in v3 new tor-hs, hs-auth, client-auth, hsv3, network-team-roadmap-2019-Q1Q2 Medium
#29583 HSv3: Faulty cross-certs in introduction point keys (allows naive onionbalance for v3s) new tor-hs, scaling, onionbalance, 040-backport, 035-backport, needs-proposal, network-team-roadmap-2019-Q1Q2, security, 041-longterm High
#29607 2019 Q1: Denial of service on v2 and v3 onion service needs_information pidgin tor-hs, tor-dos, network-team-roadmap-2019-Q1Q2, security, 041-longterm Immediate
#29995 Objective 1, Activity 1.1: Make v3 the default on Core Tor stable new network-team-roadmap-2019-Q1Q2 Medium
#30000 Objective 2, Activity 1: Integrating client-side authorization to onion services v3 new tbb-team TorBrowserTeam201905 Medium
#30019 Write content for the onion services section in the community portal assigned asn tor-hs Medium
#30022 Objective 2, Activity 2: Notify users about typo errors when entering .onion addresses new tbb-team Medium
#30024 Objective 2, Activity 3: Notify users if a current website they are visiting on Tor Browser has an onion service version new tbb-team Medium
#30025 Objective 2, Activity 4: Better client-side errors new tbb-team Medium
#30029 Objective 2, Activity 5: POC for Human-memorable addresses for .onion services new tbb-team Medium
#30090 Make a list of potential .onion errors new antonela Medium
#30237 Tor Browser: Improve TBB UI of hidden service client authorization needs_information tbb-team TorBrowserTeam201905 Medium
#30281 Sponsor27 master ticket new tor-hs Medium
#30381 Provide control port commands to ADD/REMOVE/VIEW v3 client-auth assigned asn tor-hs, tbb-usability, ux-team, hs-auth, network-team-roadmap-2019-Q1Q2 Medium
#30382 Provide control port event for when we are missing v3 client auth for an onion needs_review dgoulet tor-hs, tbb-usability, hs-auth, network-team-roadmap-2019-Q1Q2, tor-spec Medium
#30454 hs-v3: INTRODUCE1 trunnel code doensn't handle HS_INTRO_ACK_STATUS_CANT_RELAY merge_ready dgoulet tor-hs, 034-backport, 035-backport, 040-backport, 041-must, nickm-merge, network-team-roadmap-2019-Q1Q2, 0411-alpha High

Last modified 4 weeks ago Last modified on Apr 22, 2019, 8:06:32 PM