Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- HTTPS over TOR
May 11, 2006, 9:39 pm
rate this thread
Re: HTTPS over TOR
Mr User wrote:
The Tor exit node IP. The SSL connection is basically "tunneled" through
Tor just like any other connection.
An off the wall comment though, I believe that during an SSL handshake the
client (you) suggests connection parameters like SSL version and key
exchange, and the server accepts or rejects those suggestions. This
*might* mean that you could be partitioned by version number or uniquely
identified by an individually crafted SSL certificate if you're not
careful. Careful, as in paying attention to any warnings about funny
certificates and such.
But these little niggles aside you're as secure as you can be. A bit more
secured than just using plain vanilla HTTP because the Tor exit node can't
see any content. They know where you're going, not what you're doing.
This sort of discussion takes place quite a bit in alt.privacy and
alt.privacy.anon-server, but there's no reason it can't be discussed here.
In the future you might want to pose your questions there also.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----