On Thu, Mar 04, 2010 at 12:12:43AM -0500, Ted Smith wrote: > On Wed, 2010-03-03 at 18:03 +0100, moris blues wrote: > > i re that it is not secure to use a hidden service > > with ssl. > > That's wrong. It might be superfluous at times, since you get end-to-end > crypto from Tor, but it's not at all insecure to use TLS/SSL on a hidden > service.
The general notion that people are pushing is that since Privoxy keeps you safe, and Privoxy can't look inside SSL, then it can't keep you safe when you're using SSL. The problem with that logic is that Privoxy isn't what should keep you safe. Your Firefox (plus extensions) is what should do it. Torbutton does most of the steps that you might want. Adblock will remove some ads. Etc. Doing the keeping-you-safe at the proxy is just the wrong place to do it. Which makes the faq entry: https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#HttpsHiddenService not very accurate or useful. Anybody want to rewrite it to be more crisp and more accurate? :) --Roger *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/