On Wed, 01 Jun 2016, Roger Dingledine wrote: > We could imagine cooler approaches, like hooking Tor relays into the > Let's Encrypt acme engine so they can get legit ssl certs for each > relay. But even then, they would need legit looking names in the ssl > certs -- we could start with dyndns addresses, but eventually we'd > need something better. The rabbit hole goes deep.
Interesting. I do have a weird attraction to rabbit holes. FTR here a DIY "dyndns at home" solution using bind9, git and ssh keys https://github.com/dyne/gitzone for the short-term arms race would be good, and not so hard, to have relays moved to such a setup. ciao -- Denis Roio aka Jaromil http://Dyne.org think &do tank CTO and co-founder free/open source developers 加密 6113 D89C A825 C5CE DD02 C872 73B3 5DA5 4ACB 7D10 -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
