Tor onion services for KDE websites
Open, Needs TriagePublic

Description

This would allow KDE sites to be reached without reaching the tor network. While onion services can be used to conceal the network location of the machine providing the service, this is not the goal here. Instead, we use onion services because they provide end-to-end integrity and confidentiality, and they authenticate the onion service end point.

For instance, when users connect to the onion service running at http://sejnfjrq6szgca7v.onion/ (Debian's onion service), using a Tor-enabled browser such as the Tor Browser, they can be certain that their connection to the Debian website cannot be read or modified by third parties, and that the website that they are visiting is indeed the Debian website. In a sense, this is similar to what using HTTPS provides. However, crucially, onion services do not rely on third-party certification authorities (CAs). Instead, the onion service name cryptographically authenticates its cryptographic key.

A lot of people mistakenly believe that Tor Onion Networking is "all about anonymity" - which is incorrect, since it also includes:

  • extra privacy
  • identity/surety of to whom you are connected
  • freedom from oversight/network surveillance
  • anti-blocking, and...
  • enhanced integrity/tamperproofing

...none of which are the same as "anonymity", but all of which are valuable qualities to add to communications.

Links:
https://github.com/alecmuffett/eotk
https://www.torproject.org/docs/onion-services
https://bits.debian.org/2016/08/debian-and-tor-services-available-as-onion-services.html

Related Objects

StatusAssignedTask
Opensebas
OpenNone
lavender created this task.Wed, May 23, 3:35 PM
lavender added a parent task: T7050: Privacy Software.