> A few hidden services have added an > HTTPS cert but I think that's mostly for a publicity stunt than anything > else.
As indicated in the roger’s lecture, HTTPS is usefull for HS :
- browsers handle more securely cookies or other stuff in HTTPS mode,
avoiding some possible leaks
- because anybody can create an HS and proxify any content, X.509 certs
allow users to verify the authenticity of the HS (you are on the official
Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
inside)
--
Aeris
Individual crypto-terrorist group self-radicalized on the digital Internet
https://imirhil.fr/
Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://café-vie-privée.fr/
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
