Hacker News new | past | comments | ask | show | jobs | submit login

How are you going to use "a PGP public key" to access a service like Facebook that is blocked in China? I'm not aware of any web infrastructure (i.e. ports 80/443) that uses "a PGP public key" to secure communications.

I've been considering operating my Murmur server that runs on a local Debian box as a hidden service because I do not want to expose my public IP (mostly for DoS reasons). Let's just say that it is not very easy, and I hope to document my setup once it is to my satisfaction. Hopefully, we can make this process easy enough for my parents; then we can point to more usage by the mainstream thereby saving you from arguing against the usefulness of such software.




>How are you going to use "a PGP public key" to access a service like Facebook that is blocked in China?

I don't recall suggesting that. I personally used my own VPN server to access services like facebook in China.

>I'm not aware of any web infrastructure (i.e. ports 80/443) that uses "a PGP public key" to secure communications.

I've seen a plenty. In fact, I just sent a PGP encrypted email from gmail over https.

>arguing against the usefulness of such software.

Where am I arguing against the usefulness of such software? I use .onions every day and host several, it's just that unless you need to hide your servers IP address you're adding tons of extra latency for some rather questionable benefits.


>>I'm not aware of any web infrastructure (i.e. ports 80/443) that uses "a PGP public key" to secure communications.

>I've seen a plenty. In fact, I just sent a PGP encrypted email from gmail over https.

The web infrastructure (i.e. "gmail over https") was secured by a certificate (X.509) that is similar to, but separate from, a GPG key. As a user, you chose to take the extra step of encrypting your message locally, but that fact does not change the fact that the _web infrastructure_ was not secured by "a PGP public key."

I guess I got confused by your mentioning of "a PGP public key" because it is a very odd way to put it, and seems orthogonal to the discussion here that Tor hidden services are useful to people other than for black-market eCommerce operations.


>I guess I got confused by your mentioning of "a PGP public key" because it is a very odd way to put it, and seems orthogonal to the discussion here that Tor hidden services are useful to people other than for black-market eCommerce operations.

This is what I was responding to

>The use of hidden services for large sites is that they authenticate the site without the person uploading the documents having to trust the CA system. And the person doing the uploading has to use Tor or something like it because otherwise their adversary would just block them from accessing that site or punish them for it, and Tor is better than something like a VPN in that regard because the uploader only has to trust the design of Tor, not an individual operator like a VPN.

It sounds like AnthonyMouse was suggesting that .onions would be a good way of sharing documents with "large sites" in scenarios where it is important for the user (note: not the site) to hide from someone they aren't the biggest friends with.

Problem with this suggestion is that .onions don't really offer any benefits to an user wanting to hide their activities, but in fact hurt them by dramatically slowing down any transfers (This could be a serious issue for time sensitive stuff).

Therefore, instead of offering an .onion version of their site any such organizations and their users would be better served by a web service on the clearnet with an associated PGP public key that the users could use to encrypt any uploads.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: