[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Watching the attacks on my relay



On Fri, 08 Nov 2013 18:19:16 +0100
elrippo <elrippo@xxxxxxxxxxxxxxxxx> wrote:

> Hy there.
> 
> I did some graphs of the attacks raiding against the network and the method is 
> quite interesting.
> 
> Take a look at it, maybe it helps a bit.
> 
> https://elrippoisland.net/public/tor_attack/attack.html


I could understand not using recognized SSL CAs for "philosophical reasons",
but ffs, at least get the hostname right?

"Common Name: https://www.elrippoisland.net";

  1) but you point people to an URL including hostname with no www.

  2) afaik you should NOT have the "https://"; string in the Common Name field
at all, only the bare hostname.

Please don't train the users to blindly click "Ignore certificate error" if
you don't have any valid reason other than your own sloppiness.

-- 
With respect,
Roman

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays