- From: Mark Nottingham <mnot@mnot.net>
- Date: Fri, 27 Nov 2015 11:24:57 +1100
- To: Jacob Appelbaum <jacob@appelbaum.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 26 Nov 2015, at 11:21 pm, Jacob Appelbaum <jacob@appelbaum.net> wrote: > > On 11/26/15, Mark Nottingham <mnot@mnot.net> wrote: >> Now that we have RFC7686, there's a new requirement applicable to HTTP >> clients: >> >> """ >> Applications (including proxies) that implement the Tor protocol MUST >> recognize .onion names as special by either accessing them directly or using >> a proxy (e.g., SOCKS [RFC1928]) to do so. Applications that do not >> implement the Tor protocol SHOULD generate an error upon the use of .onion >> and SHOULD NOT perform a DNS lookup. >> """ >> >> Is anyone aware of a browser that does this or plans to do so? > > I believe that the Tor Browser properly implements RFC7686. Thanks, Jake. I'm wondering specifically about browsers that don't implement the Tor protocol; so far it looks like they don't conform. A few bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1228457 https://code.google.com/p/chromium/issues/detail?id=562265 https://github.com/bagder/curl/issues/543 Apple bug 23672882 I don't have a Windows box on hand, would love it if someone could test there and file a bug if appropriate. Cheers, -- Mark Nottingham https://www.mnot.net/
Received on Friday, 27 November 2015 00:25:27 UTC