[tor-talk] Deploying Alt-Svc on your own website. Hello?
Traumschule
traumschuleriebau at riseup.net
Sat Sep 22 17:45:05 UTC 2018
Thanks for your work on this and the explanations on this list. When
things cleared up a bit, i'll add them to the manual:
#27820 new task
Explain the different approaches to onionify a website
http://ea5faa5po25cf7fb.onion/projects/tor/ticket/27820
https://bugs.torproject.org/27820
On Sat, 22 Sep 2018 16:15:08 +0100
Alec Muffett <alec.muffett at gmail.com> wrote:
> On Sat, 22 Sep 2018, 16:07 Roman Mamedov, <rm at romanrm.net> wrote:
>
> > There is no point in running HTTPS-over-Tor-hidden-service,
> > as .onion traffic
> > is already authenticated and encrypted, it only adds useless
> > overhead.
>
>
> I see your point, but there are a couple of additional perspectives
> to be considered:
> https://medium.com/@alecmuffett/onions-certs-browsers-a-three-way-mexican-standoff-7dc987b8ebc8
> - especially regarding new functionality that will be locked to HTTPS
>
>
> If
> > there's no way around that with the alt-svc scheme, that seems like
> > a huge oversight.
> >
>
>
> Respecting AltSvc on port 80 would be as dangerous, possibly more
> dangerous, than cleartext HTTP already is; and regards the notion of
> making "onion" into a widely respected secure source equivalent to a
> HTTPS site, please see the above essay.
>
> -a
--
traumschule.org
gpg fingerprint:
9356 4DED 8546 8D9A C290 3605 12EE 7D70 7111 2056
/otr info
OTR: traumschule at irc.indymedia.org fingerprint:
OTR: 35AACA83 4564616C B6EBEC66 56B6B2FC C8D572F1
OTR: traumschule at irc.oftc.net fingerprint:
OTR: D1CCD207 B60C1866 56A975AE ACE090E9 45E90846
OTR: traumschule at chat.freenode.net fingerprint:
OTR: 51BF8BB9 434840CC 24F264BC 76450C27 A6AADB12
More information about the tor-talk
mailing list