[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] tor hidden services & SSL EV certificate
> On 29 Dec 2015, at 21:18, Aeris <aeris+tor@xxxxxxxxxx> wrote:
>
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
>
> As indicated in the rogerâs lecture, HTTPS is usefull for HS :
> - browsers handle more securely cookies or other stuff in HTTPS mode,
> avoiding some possible leaks
> - because anybody can create an HS and proxify any content, X.509 certs
> allow users to verify the authenticity of the HS (you are on the official
> Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
> inside)
>
Yes I forgot to say it was for a know url already (https://friendpaste.com) on which I would like to add a .onion access so people don't have to go out of the tor network somehow. Having a cert working on that address would help to validate the access.
I will check with digicert if this is possible since they are already providing me a cert for this address.
- benoit
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays