Sponsor 27

Project Title: Onion Services

Project Period: 4/1/2019 - 3/31/2020

Teams involved:

  • network
  • applications
  • ux

Project Goals/Activities

Objective 1: Enhance onion services and make v3 the default version on Core Tor, so it can scale and be more stable, with the goal of enabling more organizations to adopt it for their users.

Objective 2: Improve the end user experience of onion services with the goal of increasing user adoption and retention.

Project Tracking


Tickets related

Sponsor: Sponsor27 (11 matches)

Ticket Summary Status Owner Keywords Priority
#13747 Block non .onion content on .onion addresses (mixed content blocking) new tbb-team tbb-security, TorBrowserTeam201903 High
#18696 .onion names contain their own validator, we should use that new tbb-team Medium
#19950 Replace Tor Project bookmarks in TBB to their onion service equivalent new tbb-team Medium
#21728 Features that are made "HTTPS-only" should be available on .onion sites as well new tbb-team Medium
#25872 When Clicking more information when visiting a V3 onion some of the buttons are cut off new tbb-team Medium
#27313 Help NoScript marking HTTP .onions as secure new tbb-team noscript Medium
#27395 Refactor the .onion related logic in nsMixedContentBlocker.cpp new tbb-team Medium
#28174 Block non-.onion subresources on .onion websites? new tbb-team Medium
#28478 Enable http2 for .onion without https new tbb-team Medium
#29705 Enable Brotli compression for .onion domains new tbb-team Medium
#31069 Create onion auth entry in assigned ggus Medium

Sponsor: Sponsor27-can (24 matches)

Ticket Summary Status Owner Keywords Priority
#6418 Drop support for older versions of the hidden service protocol new tor-hs technical-debt deprecation Medium
#13194 Track time between ESTABLISH_RENDEZVOUS and RENDEZVOUS1 cell new tor-relay, tor-hs, needs-design privcount-maybe metrics performance Very Low
#16059 Add a "rendezvous approver" control API new tor-hs, tor-control, needs-proposal, term-project-ideas tor-dos Medium
#16387 Improve reachability of hidden services on mobile phones new tor-hs, sponsor8-maybe, 034-triage-20180328, 034-removed-20180328 Medium
#17254 Scalable HSes by splitting intro/rendezvous needs_revision TvdW tor-hs multicore scaling tor-dos Medium
#17640 Handle CREATE/CREATED cell processing gracefully under load. assigned yawning tor-hs, scaling, tor-dos, tor-relay Medium
#18098 prop224: Implement tor-genkey tool for offline HS key creation needs_revision haxxpop tor-hs, 040-deferred-20190220 Medium
#20371 Lower HSDir query backoff delay new tor-hs, research, prop224, reachability Medium
#21621 Intro points can get stuck in CIRCUIT_PURPOSE_S_ESTABLISH_INTRO new tor-hs, teor-was-assigned, 034-triage-20180328, 034-removed-20180328 Medium
#23875 Facebook's onion site is a single hop onion, but clicking on the Tor onion icon shows that it is a 6 hop circuit. new tbb-team tbb-circuit-display, ux-team Medium
#24192 When I visit a V3 onion that supplies a invalid certificate, torbrowser will lookup the onion when the get certifice button is clicked new tbb-team High
#25025 Add icon for next-generation onions in the style guide assigned antonela ux-team, tor-hs Low
#25066 Rendezvous points should return signed proof of the established rend point new needs-proposal, 034-triage-20180328, 034-removed-20180328 Medium
#26176 Display .onion services with "mixed" content in circuit display properly new tbb-team tbb-torbutton, tbb-circuit-display Medium
#26322 Circuit display - UI bug - Long v3 name new tbb-team tbb-torbutton, tbb-circuit-display Medium
#26491 Onion+cert UI text is black with Tor Browser 8.0a9 - it should be green new tbb-team ff60-esr, ux-team Medium
#27657 Show .onion icon on Identity drop down? new tbb-team ux-team Medium
#27842 Consider end-to-end introduction ACKs new tor-hs, 034-deferred-20180602 035-removed reachability Medium
#30221 HS performance optimizations of codebase (master ticket) new tor-dos tor-hs refactoring Medium
#30291 Optimize our path selection code new tor-performance tor-hs path-selection refactoring tor-dos Medium
#30466 hs: Do not allow more than one control cell on a circuit needs_information neel tor-dos, tor-hs, tor-relay Medium
#31062 token bucket: Improve library to handle under/overflow and clock jump new token-bucket Medium
#31754 Add HS DoS defence stats to heartbeat new tor-hs, tor-dos, network-team-roadmap-2019-Q1Q2, user-feedback, blog, easy Medium
#31857 Consider adopting vanguard's security suggestions for onionbalance new tor-hs scaling onionbalance network-team-roadmap-september tor-spec Medium

Sponsor: Sponsor27-must (47 matches)

Ticket Summary Status Owner Keywords Priority
#3733 Tor should abandon rendezvous circuits that cause a client request to time out new tor-hs, prop224, tor-client, network-team-roadmap-september Medium
#13410 Disable self-signed certificate warnings when visiting .onion sites reopened tbb-team ux-team Very High
#14389 little-t-tor: Provide support for better TBB UI of hidden service client authorization needs_revision tbb-team tor-hs, tbb-usability, ux-team, hs-auth, network-team-roadmap-september, 042-deferred-20190918 Medium
#19251 TorBrowser might want to have an error page specific to when .onion links fail new tbb-team ux-team Low
#19757 Make a menu to add onion and auth-cookie to TB new tbb-team ux-team, tbb-usability, tor-hs Medium
#20212 Tor can be forced to open too many circuits by embedding .onion resources new tbb-team guard-discovery, TorBrowserTeam201803, 034-roadmap-proposed, security, tor-hs, 042-deferred-20190918 Medium
#21952 Onion-location: increasing the use of onion services through automatic redirects and aliasing assigned tbb-team ux-team, tor-hs, network-team-roadmap-november, TorBrowserTeam201911, tbb-9.5 Medium
#22893 prop224: Make intro point per-service and not per-descriptor assigned teor network-team-roadmap-september, tor-hs, prop224-extra, 034-triage-20180328, 034-removed-20180328 Very High
#23545 UX improvement: Tor Browser should handle bogus HSv3 addresses new tbb-team tor-hs, prop224, ux-team, 034-triage-20180328, 034-removed-20180328 Medium
#23764 hs-v3: No live consensus on client with a bridge new tor-hs, prop224, technical-debt, 034-triage-20180328, 034-removed-20180328, network-team-roadmap-2019-Q1Q2 High
#23818 Make v2 and v3 single onion services retry all failed intro and rend connections with a 3-hop path merge_ready teor 029-no-backport, 035-backport, 040-backport, 041-backport, v3-onion-service-feature-parity, prop224, tor-hs, single-onion, ipv6, network-team-roadmap-august, consider-backport-after-0421 Medium
#24973 Tor should be more gentle when launching dozens of circuits at once needs_information tor-dos, tor-hs, performance, 034-triage-20180328, 034-removed-20180502, network-team-roadmap-2019-Q1Q2 Medium
#25882 clients not detecting stale onion service introduction points new tor-hs, reachability, network-team-roadmap-september High
#26294 attacker can force intro point rotation by ddos needs_revision asn tor-hs, tor-dos, network-team-roadmap-august, security Medium
#26768 Support onionbalance in HSv3 assigned asn tor-hs scaling onionbalance network-team-roadmap-september tor-spec Medium
#26806 Check if Tor clients sometimes send duplicate cells on rendezvous circuits: Possible replay detected! An INTRODUCE2 cell with thesame ENCRYPTED section was seen new tor-hs High
#27502 Prioritize .onion hosts in AltSvc? new tbb-team Medium
#27590 Display .onion alt-svc route in the circuit display new tbb-team tbb-circuit-display, ux-team Medium
#27636 .onion indicator for non-self-signed but non-trusted sites new tbb-team ux-team Medium
#28005 Officially support onions in HTTPS-Everywhere new legind tor-hs https-everywhere tor-ux network-team-roadmap-november Medium
#28841 Write tool for onion service health assessment assigned dgoulet tor-hs, reachability, research, network-health, network-team-roadmap-september Medium
#28970 tor_bug_occurred_(): Bug: ../src/or/hs_client.c:624: setup_intro_circ_auth_key: Non-fatal assertion assigned dgoulet tor-client, tor-hs, postfreeze-ok, 040-unreached-must, network-team-roadmap-august, regression?, 041-unreached-must, 042-should High
#29607 2019 Q1: Denial of service on v2 and v3 onion service needs_information pidgin tor-hs, tor-dos, network-team-roadmap-2019-Q1Q2, security, 041-longterm, 041-deferred-20190530, 042-deferred-20190918 Immediate
#29995 Objective 1, Activity 1.1: Make v3 the default on Core Tor stable new network-team-roadmap-2019-Q1Q2 Medium
#29998 Objective 1, Activity 1.2: Adopt OnionBalance features into onion services v3 new network-team-roadmap-2019-Q1Q2 Medium
#29999 Objective 1, Activity 2: Denial of service defences new tor-hs, tor-dos, network-team-roadmap-2019-Q1Q2, user-feedback, blog Medium
#30000 Objective 2, Activity 1: Integrating client-side authorization to onion services v3 new tbb-team TorBrowserTeam201910 Medium
#30022 Objective 2, Activity 2: Notify users about typo errors when entering .onion addresses new tbb-team ux-team, TorBrowserTeam201910 Medium
#30024 Objective 2, Activity 3: Notify users if a current website they are visiting on Tor Browser has an onion service version new tbb-team Medium
#30025 Objective 2, Activity 4: Better client-side errors new tbb-team ux-team Medium
#30029 Objective 2, Activity 5: POC for Human-memorable addresses for .onion services new tbb-team network-team-roadmap-november, TorBrowserTeam201911 Medium
#30090 Make a list of potential .onion errors new antonela Medium
#30200 Potential circuit timeout issues on onion service circuits assigned dgoulet tor-hs, reachability, timeouts, network-team-roadmap-september Medium
#30237 Tor Browser: Improve TBB UI of hidden service client authorization new tbb-team TorBrowserTeam201907, network-team-roadmap-september Medium
#30281 Sponsor27 master ticket new tor-hs Medium
#30381 Provide control port commands to ADD/REMOVE/VIEW v3 client-auth needs_revision asn tor-hs, tbb-usability, ux-team, hs-auth, network-team-roadmap-september, 042-deferred-20190918 Medium
#30382 prop304: Implement SOCKS new HS error code needs_revision dgoulet tor-hs, tbb-usability, hs-auth, network-team-roadmap-september, tor-spec, 042-deferred-20190918 Medium
#30599 Cloudflare alt-svc onions cause a different exit to be used at each request new tbb-team ux-team High
#30937 Expired CA-signed SSL Cert causes error in Tor Browser new tbb-team Medium
#31223 Research approaches for improving the availability of services under DoS new tor-hs tor-dos Medium
#31371 hs: Add DoS defense counter to DoS heartbeat message new tor-hs, 042-deferred-20190918 Medium
#31548 hs-v3: Service can pick more than HiddenServiceNumIntroductionPoints intro points merge_ready dgoulet consider-backport-after-0424, tor-hs, service, hs-v3, 035-backport, 040-backport, 041-backport, 042-should Medium
#31561 hs-v3: Service can keep unused intro points in its list needs_information dgoulet tor-hs, hv-v3, 042-should Medium
#31632 hs-v3: Service doesn't re-upload descriptor on circuit failure new tor-hs, 042-deferred-20190918 Medium
#32020 hsv3: Client do not report failing circuit back into HS subsystem new tor-hs, tor-client Medium
#32021 hs-v3: Handle rendezvous client circuit build expire properly new tor-hs, tor-client, tor-circuit Medium
#32094 hs-v3: Stop using ip->circuit_established flag assigned dgoulet tor-hs Medium

Last modified 3 months ago Last modified on Aug 5, 2019, 1:31:13 PM