[tor-talk] Hidden Services - Access control.
coderman
coderman at gmail.com
Tue Sep 30 22:22:47 UTC 2014
On 9/30/14, Lluís <msl12 at sde12.jazztel.es> wrote:
> ...
> I didn't find anything about access control,
> is there anyway of doing this ?
> Can I hide the *.onion address to anyone, but me ?
you cannot hide the existence of the *.onion, as these are "location
hidden" not "existence hidden".
you can use various methods to restrict access, my favorite being PKI
with client certificates - if you are not an authorized client your
socket is disconnected before reaching application service layers.
simple HTTP auth leaks too much for my taste. and of course,
variations of single packet authentication to access...
best regards,
More information about the tor-talk
mailing list