[tor-mirrors] New Tor Mirror and Introduction

27 Mar 2014


      -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi everyone,
I'm a CS Student and part-time polically interested activist from
Germany, specializing in privacy and security. I am running a server
together with a friend, and we are already running a Tor Relay [0]
that has been active for almost two years with minimal interruptions
(for example, when our providers network infrastructure went offline
about a month ago. sigh).
Seeing the situation in turkey, I finally decided to also mirror the
tor website. So, feel free to add the following to your list:
HTTP dist/:    http://mirror.velcommuta.de/tor/dist/
HTTP website:  http://mirror.velcommuta.de/tor/
HTTPS dist/:   https://mirror.velcommuta.de/tor/dist/
HTTPS website: https://mirror.velcommuta.de/tor/
The SSL CA is StartCom / StartSSL. Certificate Fingerprints:
SHA1:   E1:29:6D:B5:0F:C8:8E:BA:57:41:DA:0B:FA:71:C2:E7:88:68:28:9E
SHA256: 63:29:C9:E5:AA:AB:74:78:D4:FB:87:5E:40:C1:25:5A:3D:62:7B:C7:
        12:89:45:B6:E4:D8:F9:C6:97:AB:C8:F3
SHA512: A5:1B:AB:E8:B3:37:78:97:1A:77:07:D5:E8:32:C6:8A:CD:88:25:66:
        96:8D:AC:4B:D4:49:30:B4:D1:4F:77:6C:AF:C0:5E:76:02:BC:F5:D5:
        99:70:B8:E5:2F:3C:0D:EB:9D:AB:29:0D:FF:59:97:59:A4:DE:3F:04:
        7A:C1:EA:8E
(in case anyone wants to check, the up-to-date cert fingerprints can
always be found at [1], signed by my PGP key [2])
The mirror is reachable using IPv4 and IPv6.
Two questions:
1. Is it desirable to force SSL connections using a .htaccess file, or
should I avoid that, as some countries will terminate / track SSL
connections?
2. Would it make sense to also make the mirror available as a hidden
service, so people already using Tor can get new versions by
downloading them from a hidden service? As that would entail almost
zero extra work, I would be perfectly willing to add the few lines to
my torrc to make that possible.
Sincerely,
Max Maass
P.S.: If I have missed any pitfalls when configuring the mirror,
please let me know.
[0]
http://torstatus.blutmagie.de/router_detail.php?FP=f606c4dc0fc5ca80cd6f22ba4...
[1] https://verify.velcommuta.de/ssl/ssl.txt
[2] FP: 84C4 8097 A3AF 7D55 189A  77AC 169F 9624 3408 825E
...PGP SIGNATURE...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQJ8BAEBCgBmBQJTNHT7XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4NEM0ODA5N0EzQUY3RDU1MTg5QTc3QUMx
NjlGOTYyNDM0MDg4MjVFAAoJEBafliQ0CIJe15kP/jrEktFIuhlAa5fjyTDzFAyj
gS5zFNH/e65MyxdsDH0sgThHr0hyrXcp4FuFGwEMWz2ZGR9sKkD9CgvZi3a7Z5hR
WAKLdfkdU2blr+vlRHrtJ/JFtATzokAPtb/YwVaUQksBnncV0Abo4s7WJ9uDqxmd
wasLRY3FVX/61k4m2T200tnkTMNGph7UcTGeKhYduiMZHfndrU3w6HcNa2llAX0g
5R0tWOVeNSKT2US482z03cDo6aYud4BRF7Cx0U+7rjxXaPvPBcVlmO4JxD8OiFhW
+LyRuf2jhANNOzpl1q+pKSngjRN15P2QdfYf9p7o9A4Sgv3+McKYuMqlfSr3NUj/
vFHm1mZTUIi1TNQoWZvoyWlPCY4QQksumrs4SOaYA6U7w4EGNQ1K/G1V/YmPg7OO
1xWrCTaTgzUDGe59RjE9qTx3JhWDBvWOvTTGoBb+UYBLX2eYPZAbMI+m6V6ne7Ae
+h6FpjspdgbJUoxIWtERQD7W/deTtFWlfPUP18Z+9YsmU70Fb9dWsoYKMme77k6K
1FAXW/EGUvZT8xobFkraKcR28FpiMaoXUADfZQ33ONrKD+t2tmh/xLtZlrcMphPf
+Pk/IRmbaBszhcP9KgOacL2q5jaF9xYFMU0WKjxsv5zd9NgM/+BC1Mlwf3qetJY5
Xy409GfP+yTUZUcuKYZ+
=CFoJ
-----END PGP SIGNATURE-----

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

[tor-mirrors] New Tor Mirror and Introduction