On 12/29/2015 10:25 AM, Benoit Chesneau wrote: > I was at the talk this afternoon at the 32c3 and <i am wondering where can get a certificate for a .onion. Any service to suggest? Also where I should see to configure it correctly? > > - benoit > You don't need one. Hidden services automatically get end-to-end authentication and encryption. Since that is handled by Tor and not by the browser, hidden service addresses use "http" rather than "https", but in this case the connection is nevertheless encrypted. It's technically redundant to add HTTPS. A few hidden services have added an HTTPS cert but I think that's mostly for a publicity stunt than anything else. -- Jesse V
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays