[tor-relays] tor hidden services & SSL EV certificate
bernard
ei8fdb at ei8fdb.org
Tue Dec 29 21:25:23 UTC 2015
On 29/12/2015 20:55, Mirimir wrote:
> On 12/29/2015 01:16 PM, bernard wrote:
<snip>
>> The objective of it (from a users point of view) would be the tieing the
>> identity of the *clear web* site and the *.onion site* together to give
>> the user some trust that bigclearwebwebsite.onion is in fact the same as
>> the .com site.
>>
>>
>>
>> (Replace bigclearwebwebsite. with DuckDuckGo, Facebook, etc)
>
> True. But I don't see that it helps much for onion sites that aren't
> tied to well-known clearweb sites.
Fair point. Maybe for users of a .onion site that *itself* needs
anonymity, an SSL cert is not helpful to it.
But another way of asking: how do I as a user trust that .onion site?
> I've been playing with GnuPG-signed pages, with the public key available
> from multiple independent sources. But of course, it's a bit much to
> expect users to verify signatures.
Well, given difficulties users have with verification of GPG key
strings, that would be difficult.
Bernard
More information about the tor-relays
mailing list