>>> - You get transparent, free end to end encryption. No flawed root CA
>>> system.

But wait. This isn't even true. In the thread I started "HTTPS to hidden service unnecessary?" only one or two days before this thread, it was shown that there are cases where it is NOT end-to-end if you still don't use SSL. But no one answered the thread I started "CA cert MITM vulnerability in Tor?" so I am curious to learn whether this is not a problem in Tor's encryption....

>> Just curious, maybe I am overlooking something: how would this be better
>> than a self-signed and self-generated certificate (apart from the user not
>> being nagged with a warning)?
>
> It depends on how you got the name of the site you're visiting.
>
> Consider:
>
> (1) You get the name from a trusted source over a secure channel.
>   - Onion has complete MITM protection
>   - Selfsigned can be owned up by MITM an active network attacker near you
>   - CA is also secure, if the CA is good.
>
> (2) You get the name from a non-trusted source or over an insecure channel
>   - Onion buys you nothing over self-signed
>   - Selfsigned is still completely insecure against active attack
>   - CA model provides little security, even if the CA is good!
>     (e.g. knowing that you've connected to "gaypal" with certainty isn't
>     helpful if it was really "paypal" that you wanted but didn't know the
>     right name)
>
> So in (1) onion beats self-signed, and in (2) even a CA is not secure.
> The (2) case is kinda helpless.
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
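The case (1) claim quoted above, that an onion name carries its own MITM protection, rests on the address committing to the service's public key, so a name obtained over a trusted channel is enough to reject any other key. As an added example that is not part of this thread (it uses the current v3 address format, which the thread predates), here is that binding computed and checked in Python; the keys are constructed placeholders, not real services:

```python
# Added example: a v3 .onion address is derived from the service's ed25519
# public key, so the name commits to the key. A MITM presenting a different
# key cannot match an address the client already trusts. No CA is involved.
import base64
import hashlib

ONION_V3_VERSION = b"\x03"

def onion_v3_checksum(pubkey: bytes) -> bytes:
    # CHECKSUM = H(".onion checksum" || PUBKEY || VERSION)[:2], H = SHA3-256
    h = hashlib.sha3_256(b".onion checksum" + pubkey + ONION_V3_VERSION).digest()
    return h[:2]

def onion_v3_address(pubkey: bytes) -> str:
    # onion_address = base32(PUBKEY || CHECKSUM || VERSION) + ".onion"
    if len(pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    raw = pubkey + onion_v3_checksum(pubkey) + ONION_V3_VERSION
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"

def pubkey_from_onion_v3(address: str) -> bytes:
    # Decode the name and validate checksum and version; raise on any mismatch.
    name = address.lower()
    if name.endswith(".onion"):
        name = name[:-len(".onion")]
    if len(name) != 56:
        raise ValueError("v3 onion names are 56 base32 characters")
    raw = base64.b32decode(name.upper())
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    if version != ONION_V3_VERSION or checksum != onion_v3_checksum(pubkey):
        raise ValueError("corrupt onion address")
    return pubkey

def key_matches_address(address: str, presented_pubkey: bytes) -> bool:
    # The check the name makes possible: does the key the service presents
    # match the key the name commits to? Any other key is rejected outright.
    try:
        return pubkey_from_onion_v3(address) == presented_pubkey
    except ValueError:
        return False

# Constructed 32-byte sample keys (not real ed25519 keys or real services).
LEGIT_PUBKEY = hashlib.sha256(b"constructed legit key").digest()
MITM_PUBKEY = hashlib.sha256(b"constructed attacker key").digest()
LEGIT_ADDRESS = onion_v3_address(LEGIT_PUBKEY)

if __name__ == "__main__":
    print(LEGIT_ADDRESS)
    print("legit key accepted:", key_matches_address(LEGIT_ADDRESS, LEGIT_PUBKEY))
    print("mitm key accepted: ", key_matches_address(LEGIT_ADDRESS, MITM_PUBKEY))
```

This is exactly the property a self-signed certificate lacks in case (1): nothing in a plain hostname commits to the self-signed key, so an active attacker near the client can substitute their own.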