On Mon, Jul 9, 2012 at 7:41 PM, proper wrote:
> HS + SSL makes sense:
I was under the impression that browsers had generally stronger cookie
and cross domain policies for SSL sessions but maybe I'm imagining
things.
___
tor-talk mailing list
tor-talk@li
>> >T or HS provide end-to-end encryption, however imho SSL it still maybe
>> > useful if:
>> >
>> > - You use a Tor Gateway (for example in a Lan or WiFi) to reach the
>> > .onion darknet space and you don't want to trust your Tor Gateway
> or
>> > your Lan
>>
>> good point. but don't most reg
HS + SSL makes sense:
- stronger encryption
Not looking too long for a good source...
https://trac.torproject.org/projects/tor/wiki/doc/HiddenServiceNames
If you decide to run a hidden service Tor generates an RSA-1024
keypair. The .onion name is computed as follows: first the SHA1 hash [...]
On Mon, Jul 9, 2012 at 5:23 PM, wrote:
> Exit enclaves no longer work -
> https://trac.torproject.org/projects/tor/wiki/doc/ExitEnclave
Bummer, they still work on old nodes (or at least I just tested and it
works for me).
I liked them for unloading exists and narrowing the exposure of
non-targe
> On Mon, Jul 9, 2012 at 5:00 PM, Juenca R wrote:
>> ok good that was actually my other question, why run exit enclave if you
> run a hidden service.
>> i guess you answered my question. they service different purpose.
>
> Right. Enclaves work for people using the global domain names, onion
> a
On Mon, Jul 9, 2012 at 10:49 PM, Juenca R wrote:
>
>
> >T or HS provide end-to-end encryption, however imho SSL it still maybe
> > useful if:
> >
> > - You use a Tor Gateway (for example in a Lan or WiFi) to reach the
> > .onion darknet space and you don't want to trust your Tor Gateway or
> > yo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09/07/12 21:15, Gregory Maxwell wrote:
> It's also useful to run as an exit enclave for these purposes. You
> configure yourself as an exit but only to your public IP address.
> Then tor nodes will switch to using you to exit to you even when
>
On Mon, Jul 9, 2012 at 5:00 PM, Juenca R wrote:
> ok good that was actually my other question, why run exit enclave if you run
> a hidden service.
> i guess you answered my question. they service different purpose.
Right. Enclaves work for people using the global domain names, onion
addresses d
>>> i'm wonder if it makes any sense to allow users to access a public
> web server
>>> access normal at same time as hidden service on same machine?
>>
>> Yes.
>> - saves exit bandwidth
>> - will continue to work even if all exits are shut down
>> - exit policy/ports do not matter
>> - more dive
>T or HS provide end-to-end encryption, however imho SSL it still maybe
> useful if:
>
> - You use a Tor Gateway (for example in a Lan or WiFi) to reach the
> .onion darknet space and you don't want to trust your Tor Gateway or
> your Lan
good point. but don't most regular users install Tor on
- Original Message -
> From: SiNA Rabbani
> To: tor-talk@lists.torproject.org
> Cc: Juenca R
> Sent: Monday, July 9, 2012 1:27 PM
> Subject: Re: [tor-talk] HTTPS to hidden service unecessary?
>
>
> On 07/09/2012 01:10 PM, Juenca R wrote:
>> Tor encrypts all traffic, right?
> Tor wil
On 07/09/2012 01:10 PM, Juenca R wrote:
> Tor encrypts all traffic, right?
Tor will encrypt your data while it's being passed from one relay to the
other, all the way to the Exit node. If you send HTTP, it will come out
HTTP :)
By TLS? So if running a hidden service, is it redundant to serve i
Tor HS provide end-to-end encryption, however imho SSL it still maybe
useful if:
- You use a Tor Gateway (for example in a Lan or WiFi) to reach the
.onion darknet space and you don't want to trust your Tor Gateway or
your Lan
- You want SSL client authentication
- You want to use particular key
On Sun, Jul 8, 2012 at 7:25 PM, wrote:
> wrote:
>> i'm wonder if it makes any sense to allow users to access a public web server
>> access normal at same time as hidden service on same machine?
>
> Yes.
> - saves exit bandwidth
> - will continue to work even if all exits are shut down
> - exit p
Tor encrypts all traffic, right? By TLS? So if running a hidden service, is
it redundant to serve it using HTTPS/port 443??
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>> also wondering if the use of hidden service like this will help fix problem
>> of man-in-middle attacks on SSL like here:
>>
>> http://www.wired.com/threatlevel/2010/03/packet-forensics/
>>
>> actually, does Tor's encryption fall victim to this? if not, is HTTPS
>> over
>> hidden service
>& lt;jue...@yahoo.com> wrote:
>> i'm wonder if it makes any sense to allow users to access a public web
>> server
>> access normal at same time as hidden service on same machine?
>
> Yes.
> - saves exit bandwidth
> - will continue to work even if all exits are shut down
> - exit policy/ports d
On Sun, Jul 8, 2012, at 19:07, starli...@binnacle.cx wrote:
> 1) Will the TOR bundle co-exist peacefully
> and separately with a Firefox 13 install under
> Windows (2008 SP2 x64)? Ideally I'd like for them
> to not interact at all and for the TOR instance
> of Firefox to run simultaneously to a re
Hi,
how far is implementation of anonymisation of all IP packets (including
UDP, not just TCP), as it was stated in "Tor Development Roadmap,
2008-2011" document?
Regards,
M.
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproj
19 matches
Mail list logo
