[Pkg-privacy-maintainers] Bug#760308: add https for additional, optional security layer
Nicolas Braud-Santoni
nicolas at braud-santoni.eu
Thu May 19 13:11:08 UTC 2016
Control: tags -1 moreinfo
Holger, what is the expected security improvement?
It's not as if a self-signed cert would make impersonating the onion service
harder, and forward-secrecy on the exchange is provided by the Tor circuit
(using the ntor KEX on Curve25519, if I'm not mistaken).
Best,
nicoo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-privacy-maintainers/attachments/20160519/1cc674d7/attachment.sig>
More information about the Pkg-privacy-maintainers
mailing list