On 01/01/2016 10:21 AM, Josef Stautner wrote:
> You can use an Amazon EC2 G-Instance and Scallion if you don't have a
> good GPU.
That is not a good idea, since then you are given them your private key.
I trust Amazon, but not that much. People have posted on the /r/onions
or /r/tor subreddit
There is alsoScallionhttps://github.com/lachesis/scallion and Eshalothttps://github.com/ReclaimYourPrivacy/eschalot The hardware facebook used to bruteforce their onion address must have been very impressive. Message: 2Date: Thu, 31 Dec 2015 10:33:19 -0900From: Jesse V To:
t; To: tor-relays@lists.torproject.org
>> <mailto:tor-relays@lists.torproject.org>
>> Subject: Re: [tor-relays] tor hidden services & SSL EV certificate
>> Message-ID: <568582ff.40...@riseup.net
>> <mailto:568582ff.40...@riseup.net>>
>> Content-Typ
> On 30 Dec 2015, at 13:55, Paul Syverson wrote:
>
> On Tue, Dec 29, 2015 at 12:27:06PM -0900, Jesse V wrote:
>> On 12/29/2015 11:18 AM, Aeris wrote:
A few hidden services have added an
HTTPS cert but I think that's mostly for a publicity stunt than
On Tue, Dec 29, 2015 at 12:27:06PM -0900, Jesse V wrote:
> On 12/29/2015 11:18 AM, Aeris wrote:
> >> A few hidden services have added an
> >> HTTPS cert but I think that's mostly for a publicity stunt than anything
> >> else.
> >
> > As indicated in the roger’s lecture, HTTPS is usefull for HS :
On 12/29/2015 01:16 PM, bernard wrote:
>
> On 29/12/2015 19:38, Jesse V wrote:
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
>
> (I am not commenting on the technical necessity of a cert.)
>
> No, I think the point
> On 29 Dec 2015, at 21:05, Ivan Kwiatkowski wrote:
>
> Since you're at 32c3, you should get in touch with the EFF / Let's
> Encrypt people to see if they have made plans for this issue.
Ah I didn't think about that. I will then :)
-
On 29/12/2015 20:55, Mirimir wrote:
On 12/29/2015 01:16 PM, bernard wrote:
The objective of it (from a users point of view) would be the tieing the
identity of the *clear web* site and the *.onion site* together to give
the user some trust that bigclearwebwebsite.onion is in fact the same
On 12/29/2015 10:25 AM, Benoit Chesneau wrote:
> I was at the talk this afternoon at the 32c3 and get a certificate for a .onion. Any service to suggest? Also where I should
> see to configure it correctly?
>
> - benoit
>
You don't need one. Hidden services automatically get end-to-end
On 29/12/2015 19:38, Jesse V wrote:
A few hidden services have added an
HTTPS cert but I think that's mostly for a publicity stunt than anything
else.
(I am not commenting on the technical necessity of a cert.)
No, I think the point that was made at today's talk (and correct me if I
got it
On 12/29/2015 11:18 AM, Aeris wrote:
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
>
> As indicated in the roger’s lecture, HTTPS is usefull for HS :
> - browsers handle more securely cookies or other stuff in
> A few hidden services have added an
> HTTPS cert but I think that's mostly for a publicity stunt than anything
> else.
As indicated in the roger’s lecture, HTTPS is usefull for HS :
- browsers handle more securely cookies or other stuff in HTTPS mode,
avoiding some possible leaks
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I beg to differ. One of the very good points made in the talk was that
by tying the "vanilla" DNS name of the website and its .onion address
as alternate names, you can offer proof to your users that the .onion
URL they entered is indeed the website
> On 29 Dec 2015, at 21:18, Aeris wrote:
>
>> A few hidden services have added an
>> HTTPS cert but I think that's mostly for a publicity stunt than anything
>> else.
>
> As indicated in the roger’s lecture, HTTPS is usefull for HS :
> - browsers handle more
There should be a way to auth via letsencrypt.org, anonymously.
To: tor-relays@lists.torproject.org
From: kernelc...@riseup.net
Date: Tue, 29 Dec 2015 12:27:06 -0900
Subject: Re: [tor-relays] tor hidden services & SSL EV certificate
On 12/29/2015 11:18 AM, Aeris wrote:
>> A few hidde
> On 29 Dec 2015, at 21:05, Ivan Kwiatkowski wrote:
>
>
> As for the original question, I think that you cannot get a DV
> certificate for the .onion TLD at the moment. I assume that you could
> go the FaceBook way and try your luck with Verisign or Digicert, but
>
16 matches
Mail list logo