[Cryptography] Fast handling of IP Address changes for HTTPS

[Ben Tasker]

On 29 Dec 2017 17:10, "Michael Kjörling" <michael at kjorling.se> wrote:

On 28 Dec 2017 22:14 -0500, from johnl at iecc.com (John Levine):
> Or just run the web server on the VPS.  They're good at it.

That's probably the best option for self-hosting, IMO. There are
options out there that don't even cost as much as $4/month, if low
cost is your primary objective and especially if you're willing to
trade some performance for a lower price. https://lowendbox.com/ is a
good place to start looking if you want a cheap VPS.



Or just get a cheap web hosting package somewhere and you won't have
to deal with the hassle of keeping the server running and secure.


That's the route I'd go.

However as it's not been mentioned yet, if the service is for your own use
(or you don't care about access direct from the WWW) there is another
option.

If you configure your laptop to run as a Tor hidden service, you'll have a
.onion that doesn't care when your IP changes.

As you don't care about anonymity of the server, to reduce latency a bit
you can configure it as a single hop service - your laptop will connect
directly to the rendezvous point rather than creating a 3 hop circuit to
it. The client will still create a 3 hop circuit to the RP though.

Upsides are, no port forwarding needed and IP changes are all but
transparent. Downside is obviously that you'll need tor on your client and
will experience slightly increased latency (though in Oz you might not
notice it compared to international browsing).

For SSH you probably won't notice a difference, but if you're planning on
streaming your home movie collection it'll be more of a pain.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20171229/03e82842/attachment.html>