With .onion addresses, provided you know you have the correct address, you can also be sure there's no TLS MITM going on, whereas https://.com relies on the CA system.
In addition, .onion addresses are censorship-resistant -- require the private key to mess with, instead of leaning on / social engineering / hacking a registrar or DNS server. On 08/07/2014 02:18 AM, Öyvind Saether wrote: >> I use a service that provides both a clearnet address and an onion >> address. I only access this service through Tor and I usually do it >> via the clearnet address. Are there any benefits to accessing such a >> service via its onion address? > > Tor location hidden services have end-to-end encryption. If the site > you are abusing has a http:// clearnet address then you get more > end-to-end security by using the .onion address instead. > > Also, the exit node you are using can see someone visiting the site in > question. This is also avoided if you use the .onion variant. > > > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
