[tor-talk] Tor2web support for HTTPS on .onion

Giovanni Pellerano giovanni.pellerano at evilaliv3.org
Tue Nov 18 09:37:11 UTC 2014

Dear all,

We’re happy to announce the release of Tor2web 3.1.30 [1] that includes
support for access to .onion sites over TLS.

Tor2web[2] is HTTP proxy server software used for accessing onion sites.

The Tor2web support for TLS includes the following security features:

- TOFU  (Trust on First Use) certificate validation by caching the
fingerprint of the .onion site
- Validation of CN (Common Name) and SANs (Subject Alternative Names)
specified in the certificate of the .onion domain.

As Facebook has recently opened its own onion site [3], we’ve been
coordinating this release with Alec Muffett from Facebook in order to
block access to Facebook by means of the Tor2web proxy. Because Facebook
has a normal website, using Tor2web merely presents an option for users
to hurt themselves.  You can see the Facebook block here:

Current Tor2web conduits are:

- tor2web.org (running 2 out of 3 servers after recent server takedown
due to CryptoWall abuses)
- tor2web.fi by Ahmia (https://ahmia.fi)
- onion.lt
- onion.to (temporally dead after server takedown)
- tor2web.blutmagie.de (expired certificates)

We remind the community that Tor2web yearns for additional operators.

If you want to run a Tor2web conduit or otherwise support Tor2web:
- take a look at our wiki https://github.com/globaleaks/Tor2web-3.0/wiki
- join the tor2web-talk mailing list

[1] https://github.com/globaleaks/Tor2web-3.0
[2] https://www.tor2web.org/

Giovanni Pellerano - Founding Member
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20141118/33fe1eb6/attachment.sig>

More information about the tor-talk mailing list