[tor-talk] SIGAINT email service targeted by 70 bad exit nodes

grarpamp grarpamp at gmail.com
Thu Apr 23 04:28:56 UTC 2015


On Wed, Apr 22, 2015 at 11:03 PM,  <support at sigaint.org> wrote:
> I know we could SSL sigaint.org, but if it is a state-actor they could just
> use one of their CAs and mill a key.
> ...
> P.S. My PGP key is here: http://sigaintevyh2rzvw.onion/pubkey.txt

Whether or not using a CA's cert, you should TLS wrap all your
services and sign fingerprints of everything on your own so that
those who care can pin down your TLS certs in their apps.
You can also cross sign your signing key with your onion key.
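
Added example, not part of the original post: one way a client could pin TLS certificates against a fingerprint list that the operator publishes and signs. The manifest format, the host name mail.example.org and the sample bytes are assumptions made for illustration, and the manifest's PGP signature is assumed to have been verified separately before it is parsed.

```python
import hashlib, hmac, socket, ssl

def fingerprint(der):
    """SHA-256 over the DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der).hexdigest()

def parse_manifest(text):
    """Parse 'host fingerprint' lines into {host: {hex digests}}."""
    pins = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        host, fp = line.split()          # ValueError on malformed lines
        fp = fp.replace(":", "").lower()
        if len(fp) != 64 or set(fp) - set("0123456789abcdef"):
            raise ValueError("bad fingerprint for " + host)
        pins.setdefault(host.lower(), set()).add(fp)
    return pins

def is_pinned(pins, host, der):
    """True only if the certificate matches a pin listed for this host."""
    actual = fingerprint(der)
    return any(hmac.compare_digest(actual, p) for p in pins.get(host.lower(), ()))

def connect_pinned(pins, host, port=443, timeout=10):
    """Open a TLS socket and return it only if the leaf certificate is pinned."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # the signed pin, not a CA, is the trust
    ctx.verify_mode = ssl.CERT_NONE  # anchor, so it is checked before any I/O
    tls = ctx.wrap_socket(socket.create_connection((host, port), timeout=timeout),
                          server_hostname=host)
    if not is_pinned(pins, host, tls.getpeercert(binary_form=True)):
        tls.close()
        raise ssl.SSLError("certificate for %s is not pinned" % host)
    return tls

# Constructed sample data: stand-in bytes, not a real certificate.
SAMPLE_DER = b"constructed stand-in for DER certificate bytes"
_fp = fingerprint(SAMPLE_DER).upper()
SAMPLE_MANIFEST = ("# host  sha256 fingerprint (constructed)\n"
                   "mail.example.org  "
                   + ":".join(_fp[i:i + 2] for i in range(0, 64, 2)) + "\n")

if __name__ == "__main__":
    pins = parse_manifest(SAMPLE_MANIFEST)
    print(is_pinned(pins, "mail.example.org", SAMPLE_DER))
    print(is_pinned(pins, "mail.example.org", SAMPLE_DER + b"\x00"))
```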

