[Reply inline]
Am 06.02.2016 3:43 nachm. schrieb "Martijn Grooten" < martijn@lapsedordinary.net>:
On Thu, Feb 04, 2016 at 03:36:44PM +0000, Alec Muffett wrote:
Perhaps only issuing the header to people who access from an exit node,
might
reduce that cost?
Even so, and especially then, this sound like an easy way for someone operating a rogue exit node to get persistent MitM on non-HTTPS sites.
So accept this header just on https connections and all is well.
I thought of using DNS to advertise onion services via SRV records but that requires DNSsec, to protect against stripping/downgrade attacks.
Best regards
Mirco Bauer
Martijn.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBAgAGBQJWtgSPAAoJEI5dMs9dIv8ZijgH/jFDIGdwtmnRgMUmEwhxq/hA RO650YLi5MOvaL030bWURSQdMlA40bsCnJCrWKIUv0PdOe4Ml2NHG6Tb2Z7cGZ4c n3deflDpPrX7FD8HhI26ftrVkEv+1jOD7crfpCUJegijx8Q+YykR2IPVabZgaOZo vgi6mJN4LMqb7n5FVdyKOJ2JhowS+ss7xWZetrzpFhk5JUe6f/oYGfDtkUwfYhgx i5YnBACAjEF1cXVeu1vi1y9Yd3ILy3+YFDdpxl/ub8yHGx2/SQMYICBZpVIlhio3 0Oh7RWc6dOKIve7+61DVTnkZES9cHbNaQ97NOLMjKDZ7HJKvj/THsiHAy6m8vYc= =jZnh -----END PGP SIGNATURE-----
tor-onions mailing list tor-onions@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions