[tor-dev] Hidden Service authorization UI

Andrea Shepard andrea at torproject.org
Sun Nov 9 16:02:54 UTC 2014


On Sun, Nov 09, 2014 at 08:18:40AM -0500, Griffin Boyce wrote:
> So most of my work over the next three days is writing and editing
> documentation on hidden services. 
> 
> I'm in Boston and the purpose of this trip is to rewrite existing
> documentation to be more useful, but with authenticated hidden services,
> what's available is extremely sparse. GlobaLeaks and SecureDrop have good
> authenticated hidden service setups (and good use cases for them). A friend
> of mine uses an authenticated HS for his personal cloud.  More secure for
> him than logging into DropBox, etc. So they're also useful for mere mortals
> like us. ;-) 
> 
> Is there something you need/want in terms of documentation.
> 
> best,
> Griffin
> 
> PS: yes I'm aware of the hilarious timing of this trip.

No particular suggestions to offer on documentation, but 'hilarious' may
actually be 'good', since for situations like this where an HS doesn't need
to be open to the general public, it denies attackers the ability to cause
the HS to produce traffic on demand and thus probably makes it more resistant
to any HS exploits that may have been involved in recent events.

-- 
Andrea Shepard
<andrea at torproject.org>
PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF  DE79 A4FF BC34 F01D D536
PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5  DF7E 4191 13D9 D0CF BDA5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 328 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20141109/f3ada777/attachment.sig>


More information about the tor-dev mailing list