On Sun, Dec 23, 2018, at 14:05, Roger Dingledine wrote: > Assuming the difference is "cloudflare vs not cloudflare", check out > https://trac.torproject.org/27590
One of the comments on this bug is severely wrong: "Why the hell doesn't it inform about using plain text .onion connections on https sites?!!! (No questions for https .onion alternate routes.) Example of cf alt-svc: cflarexljc3rw355ysrkrzwapozws6nre6xsy3n4yrj7taye3uiby3ad.onion:443 (plain text (http)!!!)" This is not correct, alt-svc over port 443 not only uses https, but it uses the certificate of the original site (not the cflarex...onion) address displayed, ensuring that the alt-svc is valid and able to serve traffic for the original site's URL using a valid certificate. I can't be arsed to register just to post one comment and correcting people who are severely confused about Cloudflare (and/or alt-svc) would easily be more than a single full time job, but it might be worth noting in this case to reduce confusion. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
