Delivery-Date: Tue, 18 Nov 2014 04:37:28 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 971A11E0395;
	Tue, 18 Nov 2014 04:37:26 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 9325E31BD4;
	Tue, 18 Nov 2014 09:37:21 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 9230631BD5
 for <tor-talk@lists.torproject.org>; Tue, 18 Nov 2014 09:37:17 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id FCGbRWrkKHFo for <tor-talk@lists.torproject.org>;
 Tue, 18 Nov 2014 09:37:17 +0000 (UTC)
Received: from mail-wi0-f180.google.com (mail-wi0-f180.google.com
 [209.85.212.180])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 3EAC631BCB
 for <tor-talk@lists.torproject.org>; Tue, 18 Nov 2014 09:37:17 +0000 (UTC)
Received: by mail-wi0-f180.google.com with SMTP id n3so4533704wiv.7
 for <tor-talk@lists.torproject.org>; Tue, 18 Nov 2014 01:37:14 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
 :subject:content-type;
 bh=FlkrbAean4CI+o1yU+I+pdYZbyb/BjtZyVBqVErPgVo=;
 b=hmW7vHgevXfcC+6LCxO2M90ptbHEFMt8ATWmQwzeNvnIvmjqFchaJMt/9Trmp9wU3P
 xvu+mi6V2UGL3Gdz/fLAPKi94fsAapj8h9z2XikWNI0uiN2kZhMupJNmqW1wz0XcfcTl
 zcqUZ2dzZlrrP570ICRKANpNVn2XFMOE2laF3NdYQOzargT5TA6012hBo0tCkuo7ahHb
 0a8YPnyQHfCyLPhmeUohxM8Isfqy90UIDoVG365Jo97pNRSONYVQxcFlNDq9GDhR05zN
 6mw296sG6KGUdGri1VPbA/el+6qTboN0s99cOBrXkmewIBO3JHKkb5OJGZd7afWlnK8w
 0DSg==
X-Gm-Message-State: ALoCoQkl0yvB+9FD5GdnIao0qwWcE4N3QDHRIeC+cog7zACKRYUKKqoZQ5/CtO8iLUVz0OYYv2nq
X-Received: by 10.180.21.140 with SMTP id v12mr2366178wie.44.1416303434184;
 Tue, 18 Nov 2014 01:37:14 -0800 (PST)
Received: from [192.168.1.64] (93-40-144-148.ip39.fastwebnet.it.
 [93.40.144.148])
 by mx.google.com with ESMTPSA id wa10sm50369916wjc.8.2014.11.18.01.37.12
 for <tor-talk@lists.torproject.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Tue, 18 Nov 2014 01:37:13 -0800 (PST)
Message-ID: <546B1347.2020104@evilaliv3.org>
Date: Tue, 18 Nov 2014 10:37:11 +0100
From: Giovanni Pellerano <giovanni.pellerano@evilaliv3.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
Subject: [tor-talk] Tor2web support for HTTPS on .onion
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1481637607930440815=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============1481637607930440815==
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="rxWA5tIP8tklDxpWgb5KpHHH1p5UNEntd"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--rxWA5tIP8tklDxpWgb5KpHHH1p5UNEntd
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Dear all,

We=E2=80=99re happy to announce the release of Tor2web 3.1.30 [1] that in=
cludes
support for access to .onion sites over TLS.

Tor2web[2] is HTTP proxy server software used for accessing onion sites.

The Tor2web support for TLS includes the following security features:

- TOFU  (Trust on First Use) certificate validation by caching the
fingerprint of the .onion site
- Validation of CN (Common Name) and SANs (Subject Alternative Names)
specified in the certificate of the .onion domain.

As Facebook has recently opened its own onion site [3], we=E2=80=99ve bee=
n
coordinating this release with Alec Muffett from Facebook in order to
block access to Facebook by means of the Tor2web proxy. Because Facebook
has a normal website, using Tor2web merely presents an option for users
to hurt themselves.  You can see the Facebook block here:
https://facebookcorewwwi.tor2web.org

Current Tor2web conduits are:

- tor2web.org (running 2 out of 3 servers after recent server takedown
due to CryptoWall abuses)
- tor2web.fi by Ahmia (https://ahmia.fi)
- onion.lt
- onion.to (temporally dead after server takedown)
- tor2web.blutmagie.de (expired certificates)

We remind the community that Tor2web yearns for additional operators.

If you want to run a Tor2web conduit or otherwise support Tor2web:
- take a look at our wiki https://github.com/globaleaks/Tor2web-3.0/wiki
- join the tor2web-talk mailing list
http://lists.tor2web.org/mailman/listinfo/tor2web-talk

[1] https://github.com/globaleaks/Tor2web-3.0
[2] https://www.tor2web.org/
[3]
https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs=


Giovanni Pellerano - Founding Member
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -
https://ahmia.fi
		=09


--rxWA5tIP8tklDxpWgb5KpHHH1p5UNEntd
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlRrE0cACgkQkeybuNmpUN6P+wCdEDsp2vg3VFTZIKDcfl54h6iv
vRoAn0S/Tyxda9jpCThAFX2Io9Rfn4LZ
=wimg
-----END PGP SIGNATURE-----

--rxWA5tIP8tklDxpWgb5KpHHH1p5UNEntd--

--===============1481637607930440815==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============1481637607930440815==--

