17 Nov
2014
17 Nov
'14
10:48 p.m.
On Fri, Nov 14, 2014 at 12:08 PM, Tom Ritter tom@ritter.vg wrote:
a) Eliminate self-signed certificate errors when browsing https:// on an onion site
No, please don't. Browsers throw cert errors for good reasons. If you don't want to deal with it, just click accept or otherwise pin them out in your trust store. Blind acceptance of certs just because the TLD says .onion is just as dumb as trusting .com. And if Joe and Jane's cluster of services wishes to publish a CA or any other form of trustweb you're going to break that too. Don't do that. If you don't think trust has the similar uses in anon networks as on clearnet, or will never appear there, you need to open your eyes.