Our Tor encrypted email site has a new SSL certificate

protonmail-onion-ssl-certificate-IM

As part of our commitment to security, we maintain a Tor onion site for ProtonMail which can provide extra privacy and accessibility in countries where ProtonMail is blocked.

ProtonMail is one of the only email providers that offers email access over Tor. We launched the ProtonMail onion site last year as an extra way to fight surveillance and censorship. Since then, ProtonMail has become banned in at least one country with an authoritarian government, and our onion site provides an important means of access to encrypted email from countries with strong online censorship.

For extra protection, we also use HTTPS encryption for our onion site. Earlier this month, we renewed the SSL certificate for our onion site, protonirockerxow.onion. Since we launched our onion site in January 2017, leading SSL certificate provider Digicert has provided us with.onion SSL certificates. Digicert supports strong encryption and is one of the few Certificate Authorities to support onion sites. We are glad to continue our partnership with them.

What is an onion site?

An onion site is a website that can only be reached by using the Tor anonymity network. Tor encrypts your internet connection and routes it through several random servers before it reaches the secret server that houses the ProtonMail onion site.

In this way, internet service providers and governments cannot easily detect your IP address or your location. It also adds a layer of encryption to your internet connection, above the end-to-end encryption we use to secure the contents of your messages. We recommend our onion site for users with heightened concerns about surveillance and attack, and also for users in places where the main ProtonMail website is blocked, such as Turkey.

To use our onion site, you must first install Tor on your computer by following the setup instructions here. We also provide one-click Tor network access through ProtonVPN, our free VPN service.

HTTPS encryption

While the Tor network automatically encrypts the connection between users’ devices and our servers, we decided to add an extra layer of encryption. The HTTPS encryption we provide in partnership with Digicert offers redundancy in case Tor is ever compromised. It also allows us to protect traffic internally between our servers. You can learn more about our onion site and our decision to use HTTPS encryption here.

With the SSL certificate renewal, users will not notice any changes to their service. When you access protonirockerxow.onion, you will see the green text and lock icon in your browser, indicating the website belongs to Proton Technologies AG and that HTTPS encryption is enabled.

Providing encrypted email over Tor is an important part of our mission to protect online freedom. We would like to thank Digicert and the Tor Project for their invaluable support.

Best regards,
The ProtonMail Team

Fingerprints

SHA-256

2F B7 C4 7D BF B1 E9 5F D6 29 6A E7 BE 52 EA C8 12 BE 73 C3 4F 59 2E 68 91 A9 1A 57 9D AD 0B 91

SHA-1

60 49 74 07 BC D4 13 9B 06 FD 15 A6 4E 93 56 B8 12 B7 E9 A7

 

You can get a free secure email account from ProtonMail here.

We also provide a free VPN service to protect your privacy.

ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate. Thank you for your support!

About the Author

Ben Wolford

A journalist by training, Ben has reported and covered stories around the world. In 2014, he founded a magazine, Latterly, devoted to international reporting on human rights. He joined ProtonMail to help lead the fight for data privacy.

 

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

2 comments on “Our Tor encrypted email site has a new SSL certificate