[liberationtech] Tor2web support for HTTPS on .onion
carlo von lynX
lynX at time.to.get.psyced.org
Wed Nov 19 08:29:45 PST 2014
Sorry for answering my own question, but I hope it's interesting.
On Wed, Nov 19, 2014 at 05:14:48PM +0100, carlo von lynX wrote:
> It is non-obvious to me how accessing FB over T2W would be hurting users.
> If tor2web hands the TLS negotiation through from the web browser to the
> Facebook backend, the tor2web proxies therefore do not have access to
> cleartext Facebook/user data, how would this be bad for the user?
I think I figured it out. If naif's question about Facebook using the
Tor2web mode is to be answered positively, then you are both cheating
on the onion routing. Both Tor2web and Facebook skip the relay hops on
the way to the rendez-vous point - thus there would only be the
rendezvous point as a relay between tor2web and the Facebook backbone
which can be considered rather bad for anonymity.
Did I get that right?
--
http://youbroketheinternet.org
ircs://psyced.org/youbroketheinternet
More information about the liberationtech
mailing list