Duckduckgo hidden service HTTPS
I'd like to propose that the Tor browsers uses the HTTPS version of the DuckDuckGo hidden service if DDG is the selected search engine. Whether the use of HTTPS adds anything to the security of a Tor hidden service is up for debate. This post may give some perspective on it's advantages. In the case of DuckDuckGo, the hidden service is most certainly located on a different machine than the webservice so the use of HTTPS may be especially useful here.
The problem here is that the certificate is only valid for *.duckduckgo.com so we need to add an exception for that. But "That approach would raise the political question though of which sites we should endorse in this way." Personally I think that's OK, since it's not just a random website but a search engine that was already built into the browser anyway.
Trac:
Username: mahomi12