[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] tor hidden services & SSL EV certificate

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] tor hidden services & SSL EV certificate
From: benoitc <benoitc@xxxxxxxxx>
Date: Tue, 29 Dec 2015 22:10:25 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 29 Dec 2015 16:10:39 -0500
In-reply-to: <2072805.WNevPArgIF@home>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <40935A81-2322-4F4D-8FEA-ACBDF57B9E8E@xxxxxxxxx> <5682E152.80201@xxxxxxxxxx> <2072805.WNevPArgIF@home>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

> On 29 Dec 2015, at 21:18, Aeris <aeris+tor@xxxxxxxxxx> wrote:
> 
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
> 
> As indicated in the rogerâs lecture, HTTPS is usefull for HS :
> 	- browsers handle more securely cookies or other stuff in HTTPS mode, 
> avoiding some possible leaks
> 	- because anybody can create an HS and proxify any content, X.509 certs 
> allow users to verify the authenticity of the HS (you are on the official 
> Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion 
> inside)
> 

Yes I forgot to say it was for a know url already (https://friendpaste.com) on which I would like to add a .onion access so people don't have to go out of the tor network somehow. Having a cert working on that address would help to validate the access.

I will check with digicert if this is possible since they are already providing me a cert for this address.

- benoit

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] tor hidden services & SSL EV certificate
  - From: Benoit Chesneau
- Re: [tor-relays] tor hidden services & SSL EV certificate
  - From: Jesse V
- Re: [tor-relays] tor hidden services & SSL EV certificate
  - From: Aeris

Prev by Author: Re: [tor-relays] tor hidden services & SSL EV certificate
Next by Author: Re: [tor-relays] tor hidden services & SSL EV certificate
Previous by thread: Re: [tor-relays] tor hidden services & SSL EV certificate
Next by thread: Re: [tor-relays] tor hidden services & SSL EV certificate
Index(es):
- Author
- Thread