[tor-talk] HTTPS to hidden service unecessary?

SiNA Rabbani sina at redteam.io
Mon Jul 9 20:27:45 UTC 2012


On 07/09/2012 01:10 PM, Juenca R wrote:
> Tor encrypts all traffic, right?  
Tor will encrypt your data while it's being passed from one relay to the
other, all the way to the Exit node. If you send HTTP, it will come out
HTTP :)

By TLS?  So if running a hidden service, is it redundant to serve it
using HTTPS/port 443??
>
Hidden Services are a special case, everything inside a hidden service
is end to end encrypted. So as long as the hidden service and the Web
Service are on the same machine I guess you can get away with not
installing SSL on the web service.

I used to setup my hidden services with SSL on the web port and when I
realized this it was very pleasant :)

--SiNA

> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> 

-- 
“If I had eight hours to chop down a tree, I’d spend the first six of
them sharpening my axe.”
-Abraham Lincol




More information about the tor-talk mailing list