[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] HTTPS to hidden service unecessary?

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] HTTPS to hidden service unecessary?
From: Juenca R <juenca@xxxxxxxxx>
Date: Mon, 9 Jul 2012 17:59:55 -0700 (PDT)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 09 Jul 2012 20:59:33 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1341881995; bh=0z36dPF2zALQ7jaUAV4t8ZlKxT9FLp/XDW4Cfxap+i8=; h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=H4c+C5G44mt+8dIB274Vv7B/+5CRkPrG8uI0Y9hY8b1XsuYPjtElbrQ/ZzZ+9aEjA5Pna/8UNnrlW+QOW4UMP8suzzr2DvUFVsXxHkvh3xIalMy/Zv41FFx0n8LgKLM8JM8nr8NMdJMQ3ftKt1Rkb2p7yUV5C4NdG1P5z/0NdD4=
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=xz/hPXCFedMx2DBf35zWPV8XPZWiNfyd3cxDSavcNwNdjWxmCCVotXSEnoO6OTyL8n+mRsM7E8+YWbUIlQA+npbbkBybJZJ3hP7YwZ0qins06V4YPZw0YL86hKJf1lt4qkpYWebRaB0yAZNYCefQKkP5D2yS83x/i3YZcYJP1LY=;
In-reply-to: <CAGF8hssxCf+F=2oaMbKj2tLGknTaV5a2MrcMsob210U5GBOMYw@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1341864625.92829.YahooMailNeo@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <4FFB3CE7.7040405@xxxxxxxxxxxxxxx> <1341866992.17843.YahooMailNeo@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <CAGF8hssxCf+F=2oaMbKj2tLGknTaV5a2MrcMsob210U5GBOMYw@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx


>> >T or HS provide end-to-end encryption, however imho SSL it still maybe
>> > useful if:
>> >
>> > - You use a Tor Gateway (for example in a Lan or WiFi) to reach the
>> > .onion darknet space and you don't want to trust your Tor Gateway 
> or
>> > your Lan
>> 
>> good point. but don't most regular users install Tor on their PC so 
> it's
>> local, no gateway?
>> 
> 
> It still needs work, but they do exist.
> https://trac.torproject.org/projects/tor/wiki/doc/Torouter
> 
> In general it's just better practice and safer to provide end-to-end
> encryption. There are very few reasons not to use TLS.

OK, you're right.  I think in 99% of cases it will be redundant, but you're right I guess.

Problem is now have to understand how easy to serve a special cert for the .onion domain for HTTPS over hidden service (already serve cert on public IP address for the apache virtual domain).  Any howto's out there on HTTPS for .onion?

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] HTTPS to hidden service unecessary?
  - From: Juenca R
- Re: [tor-talk] HTTPS to hidden service unecessary?
  - From: Fabio Pietrosanti (naif)
- Re: [tor-talk] HTTPS to hidden service unecessary?
  - From: Juenca R
- Re: [tor-talk] HTTPS to hidden service unecessary?
  - From: Matthew Finkel

Prev by Author: Re: [tor-talk] hidden service on same location as public service
Next by Author: Re: [tor-talk] hidden services 2.0 brainstorming
Previous by thread: Re: [tor-talk] HTTPS to hidden service unecessary?
Next by thread: Re: [tor-talk] HTTPS to hidden service unecessary?
Index(es):
- Author
- Thread