-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Hi everyone,
I'm a CS Student and part-time polically interested activist from Germany, specializing in privacy and security. I am running a server together with a friend, and we are already running a Tor Relay [0] that has been active for almost two years with minimal interruptions (for example, when our providers network infrastructure went offline about a month ago. sigh).
Seeing the situation in turkey, I finally decided to also mirror the tor website. So, feel free to add the following to your list:
HTTP dist/: http://mirror.velcommuta.de/tor/dist/ HTTP website: http://mirror.velcommuta.de/tor/ HTTPS dist/: https://mirror.velcommuta.de/tor/dist/ HTTPS website: https://mirror.velcommuta.de/tor/
The SSL CA is StartCom / StartSSL. Certificate Fingerprints: SHA1: E1:29:6D:B5:0F:C8:8E:BA:57:41:DA:0B:FA:71:C2:E7:88:68:28:9E SHA256: 63:29:C9:E5:AA:AB:74:78:D4:FB:87:5E:40:C1:25:5A:3D:62:7B:C7: 12:89:45:B6:E4:D8:F9:C6:97:AB:C8:F3 SHA512: A5:1B:AB:E8:B3:37:78:97:1A:77:07:D5:E8:32:C6:8A:CD:88:25:66: 96:8D:AC:4B:D4:49:30:B4:D1:4F:77:6C:AF:C0:5E:76:02:BC:F5:D5: 99:70:B8:E5:2F:3C:0D:EB:9D:AB:29:0D:FF:59:97:59:A4:DE:3F:04: 7A:C1:EA:8E (in case anyone wants to check, the up-to-date cert fingerprints can always be found at [1], signed by my PGP key [2])
The mirror is reachable using IPv4 and IPv6.
Two questions: 1. Is it desirable to force SSL connections using a .htaccess file, or should I avoid that, as some countries will terminate / track SSL connections? 2. Would it make sense to also make the mirror available as a hidden service, so people already using Tor can get new versions by downloading them from a hidden service? As that would entail almost zero extra work, I would be perfectly willing to add the few lines to my torrc to make that possible.
Sincerely, Max Maass
P.S.: If I have missed any pitfalls when configuring the mirror, please let me know.
[0] http://torstatus.blutmagie.de/router_detail.php?FP=f606c4dc0fc5ca80cd6f22ba4... [1] https://verify.velcommuta.de/ssl/ssl.txt [2] FP: 84C4 8097 A3AF 7D55 189A 77AC 169F 9624 3408 825E
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Right. Completely forgot to mention: The Server location is germany.
Max
On 27.03.2014 19:59, Max Jakob Maass wrote:
Hi everyone,
I'm a CS Student and part-time polically interested activist from Germany, specializing in privacy and security. I am running a server together with a friend, and we are already running a Tor Relay [0] that has been active for almost two years with minimal interruptions (for example, when our providers network infrastructure went offline about a month ago. sigh).
Seeing the situation in turkey, I finally decided to also mirror the tor website. So, feel free to add the following to your list:
HTTP dist/: http://mirror.velcommuta.de/tor/dist/ HTTP website: http://mirror.velcommuta.de/tor/ HTTPS dist/: https://mirror.velcommuta.de/tor/dist/ HTTPS website: https://mirror.velcommuta.de/tor/
The SSL CA is StartCom / StartSSL. Certificate Fingerprints: SHA1: E1:29:6D:B5:0F:C8:8E:BA:57:41:DA:0B:FA:71:C2:E7:88:68:28:9E SHA256: 63:29:C9:E5:AA:AB:74:78:D4:FB:87:5E:40:C1:25:5A:3D:62:7B:C7: 12:89:45:B6:E4:D8:F9:C6:97:AB:C8:F3 SHA512: A5:1B:AB:E8:B3:37:78:97:1A:77:07:D5:E8:32:C6:8A:CD:88:25:66: 96:8D:AC:4B:D4:49:30:B4:D1:4F:77:6C:AF:C0:5E:76:02:BC:F5:D5: 99:70:B8:E5:2F:3C:0D:EB:9D:AB:29:0D:FF:59:97:59:A4:DE:3F:04: 7A:C1:EA:8E (in case anyone wants to check, the up-to-date cert fingerprints can always be found at [1], signed by my PGP key [2])
The mirror is reachable using IPv4 and IPv6.
Two questions: 1. Is it desirable to force SSL connections using a .htaccess file, or should I avoid that, as some countries will terminate / track SSL connections? 2. Would it make sense to also make the mirror available as a hidden service, so people already using Tor can get new versions by downloading them from a hidden service? As that would entail almost zero extra work, I would be perfectly willing to add the few lines to my torrc to make that possible.
Sincerely, Max Maass
P.S.: If I have missed any pitfalls when configuring the mirror, please let me know.
[0] http://torstatus.blutmagie.de/router_detail.php?FP=f606c4dc0fc5ca80cd6f22ba4...
[1] https://verify.velcommuta.de/ssl/ssl.txt
[2] FP: 84C4 8097 A3AF 7D55 189A 77AC 169F 9624 3408 825E _______________________________________________ tor-mirrors mailing list tor-mirrors@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-mirrors
On Thu, Mar 27, 2014 at 07:59:07PM +0100, max@velcommuta.de wrote 3.3K bytes in 0 lines about: : The mirror is reachable using IPv4 and IPv6.
Thanks for running a mirror! I've added you to the list.
: Two questions: : 1. Is it desirable to force SSL connections using a .htaccess file, or : should I avoid that, as some countries will terminate / track SSL : connections?
Up to you. Some people cannot access https websites from within their countries.
: 2. Would it make sense to also make the mirror available as a hidden : service, so people already using Tor can get new versions by : downloading them from a hidden service? As that would entail almost : zero extra work, I would be perfectly willing to add the few lines to : my torrc to make that possible.
Sure.
tor-mirrors@lists.torproject.org
-
Andrew Lewman -
Max Jakob Maass