[tor-talk] HTTPS to hidden service unecessary?
Fabio Pietrosanti (naif)
lists at infosecurity.ch
Mon Jul 9 20:19:51 UTC 2012
Tor HS provide end-to-end encryption, however imho SSL it still maybe
useful if:
- You use a Tor Gateway (for example in a Lan or WiFi) to reach the
.onion darknet space and you don't want to trust your Tor Gateway or
your Lan
- You want SSL client authentication
- You want to use particular key exchange like TLS SRP
https://github.com/trevp/tlslite
- You want the client to be able to trust a specific certificate and/or
CA that you already trusted over the internet/intranet
- You need to protect a "private key" into the server (you can load an
x509v3 encrypted certificate with Apache but you cannot do the same for
the Hidden Service RSA Key with Tor) but you cannot use filesystem
encryption
-naif
On 7/9/12 10:10 PM, Juenca R wrote:
> Tor encrypts all traffic, right? By TLS? So if running a hidden service, is it redundant to serve it using HTTPS/port 443??
>
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
More information about the tor-talk
mailing list