Re: SSL for debian.org/security?

To: debian-security@lists.debian.org
Subject: Re: SSL for debian.org/security?
From: Djones Boni <07ea86bb4e@gmail.com>
Date: Tue, 29 Oct 2013 08:09:43 -0200
Message-id: <[🔎] 526F8967.5070707@gmail.com>
In-reply-to: <[🔎] 526F7FDF.7030601@tightwax.com>
References: <[🔎] CAAy1gkeUt_jr0uDt0B=HdnAZnmmHDqygrwgYg4dU7X9zjVUrSA@mail.gmail.com> <[🔎] 526F7FDF.7030601@tightwax.com>

On 29-10-2013 07:29, Nikolay Kubarelov wrote:

I would use Tor hidden service instead of SSL.

Tor is too slow and you must install additional software.
A better idea is offer both SSL and a Tor Hidden Service. You choose which use.

Do not forget Tor encryption is not considered secure anymore.

On 29-10-2013 07:52, Tormen wrote:

And then again:
http://yro.slashdot.org/story/13/08/04/2054208/half-of-tor-sites-compromised-including-tormail
^^

Half of Tor Hidden Services are compromised. So Debian THS will be also compromised.
I cannot see your point.

Reply to:

Follow-Ups:
- Re: SSL for debian.org/security?
  - From: <burgers.rob@gmail.com>
- Re: SSL for debian.org/security?
  - From: adrelanos <adrelanos@riseup.net>

References:
- SSL for debian.org/security?
  - From: Mark Haase <mark.haase@lunarline.com>
- Re: SSL for debian.org/security?
  - From: Nikolay Kubarelov <niko@tightwax.com>

Prev by Date: Re: SSL for debian.org/security?
Next by Date: Re: SSL for debian.org/security?
Previous by thread: Re: SSL for debian.org/security?
Next by thread: Re: SSL for debian.org/security?
Index(es):
- Date
- Thread