[tor-talk] Tor hidden services and SSL certificates

alex mayer 4lex.mayer at gmail.com
Tue Oct 11 13:05:35 UTC 2011


Dear all,

I'm working on a project that involves a secure installation of a
web blog and a Jabber messenger service through Tor Hidden services.



I'm aware of SSL man in the middle attacks by rogue tor relay servers,
how to protect login credential of the administrators and users while
accessing the services? which is correct mitigation approach?

No SSL enabled?

Self generated SSL certificates?

Other form of confidentiality and integrity protection?


Maybe my questions will sound a bit stupid and basic, anyway
thanks in advance for any response.

Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20111011/947f70da/attachment.htm>


More information about the tor-talk mailing list