Re: [Tails-dev] Removing SSL CA dependency for HTP

Delete this message

Reply to this message
Autore: proper
Data:  
To: tails-dev
Oggetto: Re: [Tails-dev] Removing SSL CA dependency for HTP
<intrigeri@???> wrote:
> But then we would have to differentiate between the .onion (with no
> SSL) and the non-.onion (with SSL + "strict" CA-based certificate
>
> checking), which means additional implementation complexity for
> a relatively small gain. I'm not sure I'd like us to go this way.


Keep me posted.

I see.

Switching to HS-only may require more HS's. There are lists with hidden services. Some hidden services do also have a clearnet url, most do not.

Filling up the foe pool with HS's shouldn't be so hard. Simply use long established hidden services, which are totally anonymous and which do not have a clearnet url. I can certainly find a few.

How much do you want to have at least in all pools?

Filling up the pal and neutral pools with HS's is more tricky. For example https://www.awxcnx.de/ a5ec6f6zcxtudtch.onion could go into the pal or neutral pool, depending on your policy.

And last but not least, we could try asking the members of the pal pool, if they were willing to host a hidden service.

______________________________________________________
powered by Secure-Mail.biz - anonymous and secure e-mail accounts.