[tor-project] [INFORMATION REQUEST] Onion Service Web Site Deployments

Sebastian Hahn mail at sebastianhahn.net
Tue Jul 21 17:52:41 UTC 2020

> On 21. Jul 2020, at 05:58, Matthew Finkel <sysrqb at torproject.org> wrote:
> On Tue, Jul 21, 2020 at 01:47:40AM +0200, Sebastian Hahn wrote:
>> If there were some sensible way to have https which terminates at their
>> end while they don't have to operate a hidden service, I am pretty sure
>> we could work something out and I would obviously go for it.
> I like Ian's example, if that is an option. I see that nginx supports
> something similar, too. I can imagine a hacky socat solution, too (but a
> reverse proxy is less of a ducktape-and-chewing-gum design).

I also like Ian's suggestion, but it is not a fix. There's no end to end
https between browser and webserver, users still need to trust me to not
modify traffic. It only gets rid of the transport issue (which I don't
worry about too much in this instance, tbh).


More information about the tor-project mailing list