[Reply inline]
Am 06.02.2016 3:43 nachm. schrieb "Martijn Grooten" <martijn@lapsedordinary.net>:
>
> On Thu, Feb 04, 2016 at 03:36:44PM +0000, Alec Muffett wrote:
> > Perhaps only issuing the header to people who access from an exit node, might
> > reduce that cost?
>
> Even so, and especially then, this sound like an easy way for someone
> operating a rogue exit node to get persistent MitM on non-HTTPS sites.
So accept this header just on https connections and all is well.
I thought of using DNS to advertise onion services via SRV records but that requires DNSsec, to protect against stripping/downgrade attacks.
Best regards
Mirco Bauer
>
> Martijn.
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEcBAEBAgAGBQJWtgSPAAoJEI5dMs9dIv8ZijgH/jFDIGdwtmnRgMUmEwhxq/hA
> RO650YLi5MOvaL030bWURSQdMlA40bsCnJCrWKIUv0PdOe4Ml2NHG6Tb2Z7cGZ4c
> n3deflDpPrX7FD8HhI26ftrVkEv+1jOD7crfpCUJegijx8Q+YykR2IPVabZgaOZo
> vgi6mJN4LMqb7n5FVdyKOJ2JhowS+ss7xWZetrzpFhk5JUe6f/oYGfDtkUwfYhgx
> i5YnBACAjEF1cXVeu1vi1y9Yd3ILy3+YFDdpxl/ub8yHGx2/SQMYICBZpVIlhio3
> 0Oh7RWc6dOKIve7+61DVTnkZES9cHbNaQ97NOLMjKDZ7HJKvj/THsiHAy6m8vYc=
> =jZnh
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> tor-onions mailing list
> tor-onions@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
>