[tor-bugs] #23843 [Internal Services]: Use https on all internal .onion services.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Oct 13 11:37:46 UTC 2017
#23843: Use https on all internal .onion services.
-------------------------------+-------------------------
Reporter: cypherpunks | Owner: (none)
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Internal Services | Version:
Severity: Normal | Resolution: invalid
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------+-------------------------
Changes (by cypherpunks):
* status: new => closed
* resolution: => invalid
Comment:
> A crypto axiom says "Don't invent own cryptography".
> You have violated it inventing HSs.
That's not true, they know use SHA3/ed25519/curve25519 for v3 OSs which
isn't their "own invented crypto" by any stretch of imagination.
Also https for OSs only shows you that you're talking to the right OS and
not that it gets another layer of encryption.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23843#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list