[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] HTTPS to hidden service unecessary?

----- Original Message -----
> From: SiNA Rabbani <sina@xxxxxxxxxx>
> To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> Cc: Juenca R <juenca@xxxxxxxxx>
> Sent: Monday, July 9, 2012 1:27 PM
> Subject: Re: [tor-talk] HTTPS to hidden service unecessary?
> On 07/09/2012 01:10 PM, Juenca R wrote:
>> Tor encrypts all traffic, right?  
> Tor will encrypt your data while it's being passed from one relay to the
> other, all the way to the Exit node. If you send HTTP, it will come out
> HTTP :)
>> By TLS?  So if running a hidden service, is it redundant to serve it
>> using HTTPS/port 443??
> Hidden Services are a special case, everything inside a hidden service
> is end to end encrypted. So as long as the hidden service and the Web
> Service are on the same machine I guess you can get away with not
> installing SSL on the web service.
> I used to setup my hidden services with SSL on the web port and when I
> realized this it was very pleasant :)

ok thank you.  yes it's very convenient not have to worry about certificates and .onoin domains so my web site as hidden service can be HTTP but still fully encrypted!  nice
tor-talk mailing list