[tor-relays] tor hidden services & SSL EV certificate
Aeris
aeris+tor at imirhil.fr
Tue Dec 29 20:18:13 UTC 2015
> A few hidden services have added an
> HTTPS cert but I think that's mostly for a publicity stunt than anything
> else.
As indicated in the roger’s lecture, HTTPS is usefull for HS :
- browsers handle more securely cookies or other stuff in HTTPS mode,
avoiding some possible leaks
- because anybody can create an HS and proxify any content, X.509 certs
allow users to verify the authenticity of the HS (you are on the official
Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
inside)
--
Aeris
Individual crypto-terrorist group self-radicalized on the digital Internet
https://imirhil.fr/
Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://café-vie-privée.fr/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20151229/fc1cbeaf/attachment-0001.sig>
More information about the tor-relays
mailing list