[tor-talk] Tor and Google error / CAPTCHAs.
Jeremy Rand
jeremyrand at airmail.cc
Tue Oct 4 00:51:45 UTC 2016
Alec Muffett:
> Irregardless of the political and privacy issues there are also technical
>> benefits to using Tor for day to day traffic.
>
>
> Totally. So many people are fixated on "anonymity" and completely ignore
> the end-to-end nature of Onion addressing, for instance.
>
> It's a fantastic enabler of high-integrity communications.
I'm curious what the advantage is in this respect of .onion compared to
using TLS with manual fingerprint verification.
My best guess is that .onion has better usability today with current
tools. But it seems to me that it wouldn't be incredibly hard to
produce a SOCKS proxy to support a ".tlsexplicit" TLD where the SOCKS
proxy drops the connection to "www.google.com.<fingerprint>.tlsexplicit"
if the server doesn't present a TLS cert that matches <fingerprint>.
If we accept as a premise that location-anonymity isn't desired, and
that all we want is the integrity/authencitity/encryption properties
that .onion gives you, wouldn't .tlsexplicit be a lot more efficient and
a lot less complex?
Cheers,
-Jeremy Rand
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20161004/7947bcee/attachment.sig>
More information about the tor-talk
mailing list