[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] tor hidden services & SSL EV certificate




On 29/12/2015 20:55, Mirimir wrote:
On 12/29/2015 01:16 PM, bernard wrote:

<snip>

The objective of it (from a users point of view) would be the tieing the
identity of the *clear web* site and the *.onion site* together to give
the user some trust that bigclearwebwebsite.onion is in fact the same as
the .com site.



(Replace bigclearwebwebsite. with DuckDuckGo, Facebook, etc)

True. But I don't see that it helps much for onion sites that aren't
tied to well-known clearweb sites.

Fair point. Maybe for users of a .onion site that *itself* needs anonymity, an SSL cert is not helpful to it.

But another way of asking: how do I as a user trust that .onion site?

I've been playing with GnuPG-signed pages, with the public key available
from multiple independent sources. But of course, it's a bit much to
expect users to verify signatures.

Well, given difficulties users have with verification of GPG key strings, that would be difficult.

Bernard
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays