Anonymous 05/24/2016 (Tue) 03:08:59 No. 4262 del
>>4250
That's the point, the port 80 shouldn't be open, only 443 and then use HSTS to be sure all content is on TLS.
Even the hidden service could support self-signed certs to enhance security, since the TLS used in Tor hidden services is weak (according to Tor blog).