[tor-relays] tor hidden services & SSL EV certificate
Jesse V
kernelcorn at riseup.net
Tue Dec 29 19:38:58 UTC 2015
On 12/29/2015 10:25 AM, Benoit Chesneau wrote:
> I was at the talk this afternoon at the 32c3 and <i am wondering where can get a certificate for a .onion. Any service to suggest? Also where I should see to configure it correctly?
>
> - benoit
>
You don't need one. Hidden services automatically get end-to-end
authentication and encryption. Since that is handled by Tor and not by
the browser, hidden service addresses use "http" rather than "https",
but in this case the connection is nevertheless encrypted. It's
technically redundant to add HTTPS. A few hidden services have added an
HTTPS cert but I think that's mostly for a publicity stunt than anything
else.
--
Jesse V
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 538 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20151229/03bf3d2c/attachment.sig>
More information about the tor-relays
mailing list