On Saturday, 8 August 2020 06:38:38 UTC+8, Chris Laprise wrote: > > I think this is only properly done via a trusted .onion address, i2p > address, etc... Unless Tor's DNS lookups have been improved since the > last time I checked. > > Just for reference here, threat model I'm thinking of here is when an > attacker tries to MiTM while having the cooperation of the certificate > authority. > > -- > Chris Laprise, [email protected] <javascript:> > https://github.com/tasket > https://twitter.com/ttaskett > PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 >
Since dom0 can be updated via tor, is there an onion address? If not, what would it take to make one or convince someone to make one? Without this (since i2p is a whole can of worms I don't want to touch), the whole exercise is meaningless. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4d0a2044-3f8b-449f-8201-b70104e55838o%40googlegroups.com.
