Reject port 80 non-onion destinations

namecoin / StemNS

Implement Proposition 279 (Pluggable Naming) w/o changing Tor (Stem port)

https://www.namecoin.org/

The Unlicense

7 stars 9 forks source link

Reject port 80 non-onion destinations #21

Open JeremyRand opened 3 years ago

JeremyRand commented 3 years ago

We should add an option (per eTLD) to reject destinations that are not .onion domains if they are using TCP port 80. This has the effect of guaranteeing that the eTLD will use a secure origin for HTTP traffic.

JeremyRand commented 3 years ago

Maybe wait on this until Namecoin TLS support for Tor Browser is further along?

yanmaani commented 2 years ago

Seems a bit gross. If it's needed, it's needed, but it seems conceptually cleaner to limit ourselves to .onion and punt on this until later.

JeremyRand commented 2 years ago

Seems low priority at the moment, but if a volunteer wants to implement this, I'd accept a PR.