Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
hshdhdhehd
3 months ago
|
parent
|
context
|
favorite
| on:
Spinning Up an Onion Mirror Is Stupid Easy
Anyone comment on the http thing? Does Tor layer security in that anyway so "Saul Goodman" or is there anything more needed here?
mzajc
3 months ago
|
next
[–]
The onion address is the certificate, albeit not one that expires or can be revoked. As long as you get it from a trusted source, you should be good.
blueflow
3 months ago
|
prev
[–]
Without having a trustable certificate, the connection can be MITM'ed anyways. Anyone can produce a self-signed cert on demand.
immibis
3 months ago
|
parent
[–]
Onion addresses are unforgeable and traffic is encrypted. http over .onion is comparable to http over tls.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
