-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi everyone, I'm a CS Student and part-time polically interested activist from Germany, specializing in privacy and security. I am running a server together with a friend, and we are already running a Tor Relay [0] that has been active for almost two years with minimal interruptions (for example, when our providers network infrastructure went offline about a month ago. sigh). Seeing the situation in turkey, I finally decided to also mirror the tor website. So, feel free to add the following to your list: HTTP dist/: http://mirror.velcommuta.de/tor/dist/ HTTP website: http://mirror.velcommuta.de/tor/ HTTPS dist/: https://mirror.velcommuta.de/tor/dist/ HTTPS website: https://mirror.velcommuta.de/tor/ The SSL CA is StartCom / StartSSL. Certificate Fingerprints: SHA1: E1:29:6D:B5:0F:C8:8E:BA:57:41:DA:0B:FA:71:C2:E7:88:68:28:9E SHA256: 63:29:C9:E5:AA:AB:74:78:D4:FB:87:5E:40:C1:25:5A:3D:62:7B:C7: 12:89:45:B6:E4:D8:F9:C6:97:AB:C8:F3 SHA512: A5:1B:AB:E8:B3:37:78:97:1A:77:07:D5:E8:32:C6:8A:CD:88:25:66: 96:8D:AC:4B:D4:49:30:B4:D1:4F:77:6C:AF:C0:5E:76:02:BC:F5:D5: 99:70:B8:E5:2F:3C:0D:EB:9D:AB:29:0D:FF:59:97:59:A4:DE:3F:04: 7A:C1:EA:8E (in case anyone wants to check, the up-to-date cert fingerprints can always be found at [1], signed by my PGP key [2]) The mirror is reachable using IPv4 and IPv6. Two questions: 1. Is it desirable to force SSL connections using a .htaccess file, or should I avoid that, as some countries will terminate / track SSL connections? 2. Would it make sense to also make the mirror available as a hidden service, so people already using Tor can get new versions by downloading them from a hidden service? As that would entail almost zero extra work, I would be perfectly willing to add the few lines to my torrc to make that possible. Sincerely, Max Maass P.S.: If I have missed any pitfalls when configuring the mirror, please let me know. [0] http://torstatus.blutmagie.de/router_detail.php?FP=f606c4dc0fc5ca80cd6f22ba4... [1] https://verify.velcommuta.de/ssl/ssl.txt [2] FP: 84C4 8097 A3AF 7D55 189A 77AC 169F 9624 3408 825E -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJ8BAEBCgBmBQJTNHT7XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4NEM0ODA5N0EzQUY3RDU1MTg5QTc3QUMx NjlGOTYyNDM0MDg4MjVFAAoJEBafliQ0CIJe15kP/jrEktFIuhlAa5fjyTDzFAyj gS5zFNH/e65MyxdsDH0sgThHr0hyrXcp4FuFGwEMWz2ZGR9sKkD9CgvZi3a7Z5hR WAKLdfkdU2blr+vlRHrtJ/JFtATzokAPtb/YwVaUQksBnncV0Abo4s7WJ9uDqxmd wasLRY3FVX/61k4m2T200tnkTMNGph7UcTGeKhYduiMZHfndrU3w6HcNa2llAX0g 5R0tWOVeNSKT2US482z03cDo6aYud4BRF7Cx0U+7rjxXaPvPBcVlmO4JxD8OiFhW +LyRuf2jhANNOzpl1q+pKSngjRN15P2QdfYf9p7o9A4Sgv3+McKYuMqlfSr3NUj/ vFHm1mZTUIi1TNQoWZvoyWlPCY4QQksumrs4SOaYA6U7w4EGNQ1K/G1V/YmPg7OO 1xWrCTaTgzUDGe59RjE9qTx3JhWDBvWOvTTGoBb+UYBLX2eYPZAbMI+m6V6ne7Ae +h6FpjspdgbJUoxIWtERQD7W/deTtFWlfPUP18Z+9YsmU70Fb9dWsoYKMme77k6K 1FAXW/EGUvZT8xobFkraKcR28FpiMaoXUADfZQ33ONrKD+t2tmh/xLtZlrcMphPf +Pk/IRmbaBszhcP9KgOacL2q5jaF9xYFMU0WKjxsv5zd9NgM/+BC1Mlwf3qetJY5 Xy409GfP+yTUZUcuKYZ+ =CFoJ -----END PGP SIGNATURE-----