#19963: Cannot login to trac through the onion service ----------------------------------------------+--------------------- Reporter: cypherpunks | Owner: qbi Type: defect | Status: new Priority: Medium | Milestone: Component: Internal Services/Service - trac | Version: Severity: Normal | Resolution: Keywords: | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: ----------------------------------------------+---------------------
Comment (by cypherpunks): Brainstorming: * Patch trac to remove the "secure flag" requirement for the onion service. * Patch it to not require cookies (It's always annoying to log in here because I have to go adjust browser settings, but I guess it wouldn't be easy to patch). * Use a self-signed certificate, but "cheat" and ship it with the Tor Browser. * Or make a CA constrained to torproject.org and ship that with the browser. * Patch the browser to set secure=1 for .onion URLs. (Proper review to determine the security impact probably makes this not worth the effort.) * Figure out how to get a certificate from a CA. Consider it an experiment, and document the process so others can do the same. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19963#comment:4> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs