On Fri, 08 Nov 2013 18:19:16 +0100 elrippo elrippo@elrippoisland.net wrote:
Hi there.
I did some graphs of the attacks raiding against the network and the method is quite interesting.
Take a look at it, maybe it helps a bit.
I could understand not using recognized SSL CAs for "philosophical reasons", but ffs, at least get the hostname right?
"Common Name: https://www.elrippoisland.net"
1) but you point people to a URL including hostname with no www.
2) afaik you should NOT have the "https://" string in the Common Name field at all, only the bare hostname.
Please don't train the users to blindly click "Ignore certificate error" if you don't have any valid reason other than your own sloppiness.
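
Added example, not part of the original message: a minimal Python check for the two certificate-name problems raised above (a Common Name that is not a bare hostname, and a name that does not match the host in the URL users are given). The function names, finding labels and the sample URL path are hypothetical; the hostname and Common Name are the ones quoted in the thread.

```python
from urllib.parse import urlsplit


def _matches(pattern: str, host: str) -> bool:
    """Case-insensitive DNS name match; '*' is allowed only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # A wildcard covers exactly one label, so *.example.net never matches example.net.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def check_cert_names(url: str, common_name: str, san_dns=()):
    """Return a list of findings for the names a certificate presents for this URL."""
    host = urlsplit(url).hostname
    findings = []
    # The CN must be a bare hostname: no scheme, no path.
    if "://" in common_name or "/" in common_name:
        findings.append("cn-not-bare-hostname")
    # RFC 2818: subjectAltName dNSName entries take precedence; CN is a fallback only.
    names = list(san_dns) or [common_name]
    if not any(_matches(n, host) for n in names):
        findings.append("hostname-mismatch")
    return findings


if __name__ == "__main__":
    url = "https://elrippoisland.net/"  # constructed URL: hostname without "www"
    samples = [
        ("https://www.elrippoisland.net", ()),  # CN as quoted in the thread
        ("www.elrippoisland.net", ()),          # scheme removed, still the wrong host
        ("elrippoisland.net", ("elrippoisland.net", "www.elrippoisland.net")),
    ]
    for cn, san in samples:
        print(f"CN={cn!r} SAN={list(san)} -> {check_cert_names(url, cn, san) or 'ok'}")
```

Listing both the bare and the `www` hostname as subjectAltName entries is what makes the last sample pass for either URL form.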