[tor-relays] tor hidden services & SSL EV certificate
benoitc
benoitc at refuge.io
Tue Dec 29 21:10:25 UTC 2015
> On 29 Dec 2015, at 21:18, Aeris <aeris+tor at imirhil.fr> wrote:
>
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
>
> As indicated in the roger’s lecture, HTTPS is usefull for HS :
> - browsers handle more securely cookies or other stuff in HTTPS mode,
> avoiding some possible leaks
> - because anybody can create an HS and proxify any content, X.509 certs
> allow users to verify the authenticity of the HS (you are on the official
> Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
> inside)
>
Yes I forgot to say it was for a know url already (https://friendpaste.com) on which I would like to add a .onion access so people don't have to go out of the tor network somehow. Having a cert working on that address would help to validate the access.
I will check with digicert if this is possible since they are already providing me a cert for this address.
- benoit
More information about the tor-relays
mailing list