[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] tor hidden services & SSL EV certificate



> On 29 Dec 2015, at 21:18, Aeris <aeris+tor@xxxxxxxxxx> wrote:
> 
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
> 
> As indicated in the rogerâs lecture, HTTPS is usefull for HS :
> 	- browsers handle more securely cookies or other stuff in HTTPS mode, 
> avoiding some possible leaks
> 	- because anybody can create an HS and proxify any content, X.509 certs 
> allow users to verify the authenticity of the HS (you are on the official 
> Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion 
> inside)
> 

Yes I forgot to say it was for a know url already (https://friendpaste.com) on which I would like to add a .onion access so people don't have to go out of the tor network somehow. Having a cert working on that address would help to validate the access.

I will check with digicert if this is possible since they are already providing me a cert for this address.

- benoit

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays