Skip to content

GitLab

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Open
Opened by Roger Dingledine@armaReporter

Track advocacy and uptake of "applications shouldn't resolve onion addresses"

IETF RFC 7686:
https://tools.ietf.org/html/rfc7686#section-2
specifies that:
"Applications that do not implement the Tor protocol SHOULD generate an error upon the use of .onion and SHOULD NOT perform a DNS lookup."

I hear that Firefox implemented this feature, so if you try to visit an onion address in Firefox, it refuses to try. There's an about:config way to disable that feature -- and in theory it allow it if the browser is sending the traffic into Tor, and how exactly it knows that...this gets complicated.

So the vision of this ticket is to keep track of which applications have implemented this change (and how they did it), and which apps have tickets for implementing it (and how they propose to do it).

Then we can look for patterns and figure out:

  • if there's advice we can provide for how best to achieve the goal in the RFC (like "don't change your app, and instead get the change into the resolver that your app uses"), and also

  • if there are particular external pieces of software we should open tickets for changing.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information