[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Deploying Alt-Svc on your own website. Hello?
On Sat, 22 Sep 2018, 16:07 Roman Mamedov, <rm@xxxxxxxxxxx> wrote:
> There is no point in running HTTPS-over-Tor-hidden-service, as .onion
> is already authenticated and encrypted, it only adds useless overhead.
I see your point, but there are a couple of additional perspectives to be
- especially regarding new functionality that will be locked to HTTPS
> there's no way around that with the alt-svc scheme, that seems like a huge
Respecting AltSvc on port 80 would be as dangerous, possibly more
dangerous, than cleartext HTTP already is; and regards the notion of making
"onion" into a widely respected secure source equivalent to a HTTPS site,
please see the above essay.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to