[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] tor hidden services & SSL EV certificate



On 12/29/2015 10:25 AM, Benoit Chesneau wrote:
> I was at the talk this afternoon at the 32c3 and <i am wondering where can get a certificate for a .onion. Any service to suggest? Also where I should see to configure it correctly?
> 
> - benoit
> 

You don't need one. Hidden services automatically get end-to-end
authentication and encryption. Since that is handled by Tor and not by
the browser, hidden service addresses use "http" rather than "https",
but in this case the connection is nevertheless encrypted. It's
technically redundant to add HTTPS. A few hidden services have added an
HTTPS cert but I think that's mostly for a publicity stunt than anything
else.

-- 
Jesse V

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays