[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: SSL fro hidden services

To: or-talk@xxxxxxxxxxxxx
Subject: Re: SSL fro hidden services
From: "Dan Mahoney, System Admin" <danm@xxxxxxxxxxxxxxx>
Date: Thu, 20 Oct 2005 09:22:18 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Thu, 20 Oct 2005 09:19:52 -0400
In-reply-to: <43579810.2050107@web.de>
References: <43579810.2050107@web.de>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Thu, 20 Oct 2005, Christian Beil wrote:

Is it possible to access hidden services using SSL? Does this make sense at all?


You can certainly use https, and port 443.

That said, the certificate naming scheme may be way off, since there's no concept of a valid certificate (I doubt verisign will want to sign one for 786237261871621.onion :)

However, assuming the user installs your self-signed cert, it *should* work the same unless there's something I'm missing.)

Of course, you're really just protecting content from being sniffed between the user and the entry node (usually, the same machine, but not always), and the exit node and the hidden service (presumably, you control both).

This is my understanding of it -- if someone has a better one please step on me without hesitation :)

-Dan

--

"One...plus two...plus one...plus one."

-Tim Curry, Clue

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------

Follow-Ups:
- Re: SSL fro hidden services
  - From: Paul Syverson

References:
- SSL fro hidden services
  - From: Christian Beil

Prev by Author: Re: Broadband Reports: Tor Network Bogged Down by P2P
Next by Author: Re: SSL fro hidden services
Previous by thread: SSL fro hidden services
Next by thread: Re: SSL fro hidden services
Index(es):
- Author
- Thread