Opened 3 years ago

Closed 3 years ago

#18359 closed enhancement (wontfix)

Implement "/ssl" option to HiddenService routing.

Reported by: ikurua22 Owned by:
Priority: Very Low Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: unspecified
Severity: Minor Keywords: tor-hs
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor: None

Description

HiddenServicePort 443/ssl 10.20.30.40:80
HiddenServiceTLScert /path/to/file/cert
HiddenServiceTLSpkey /path/to/file/secret

User: httpS://abc.de/
Tor: 443-->decrypt-->80
Web: 80.

Child Tickets

Change History (2)

comment:1 Changed 3 years ago by yawning

Component: - Select a componentTor
Keywords: tor-hs added
Milestone: Tor: unspecified
Priority: MediumVery Low
Severity: NormalMinor
Type: projectenhancement
Version: Tor: unspecified

What's the point, links to HSes are already encrypted/authenticated. Beyond that, this feels like feature creep. If people want to use TLS with a HS, the server that they're connecting to should be responsible for terminating TLS, not the tor instance.

IMO wontfix, in that it will add a non-trivial amount of code, to do something (poorly, since this will scale like crap for now) that ultimately shouldn't be the tor daemon's responsibility.

comment:2 Changed 3 years ago by dgoulet

Resolution: wontfix
Sponsor: None
Status: newclosed

Agreed with Yawning here... Closing.

Note: See TracTickets for help on using tickets.