|
You can’t be sure that traffic between an exit node and
your target URL is not being sniffed unless you know the complete physical path
between the two which is unlikely right? Sure you could implement some scheme
other than TLS to authenticate the server but that doesn’t stop you being
sniffed. You could implement some other kind of encryption between you and the target
server so that sniffing is not a problem, in that case you’d just being
using tor for anonymity, not encryption. From:
owner-or-talk@xxxxxxxxxxxxx [mailto:owner-or-talk@xxxxxxxxxxxxx] On Behalf
Of defcon so what do you all suggest if I
must authenticate to a non ssl connection? How do I do it anonymously and
safely? On Thu, Jun 5, 2008 at 5:37 PM, Christopher Davis <loafier@xxxxxxxxx> wrote: On Thu, Jun 05, 2008 at
05:01:34PM -0700, defcon wrote: Prefer TLS-enabled services, and mind the authenticity of
server certs. |