subgraph / subgraph-os-issues

Subgraph OS issues repository

add https://subgraphqov3womk.onion to dist.subgraph.com's certificate, to be nice #161

Open ghostlands opened 8 years ago

ghostlands commented 8 years ago

Tor may not need SSL, but it still looks bad when the sigs and ISOs for a secure OS have to pass through a gauntlet of "insecurity" warnings to be downloaded.

Also, please list the .onion domain somewhere findable on the main site. I'd rather not have to do extra work to make sure the redirect isn't hostile. There isn't any mention anywhere on the site to expect a .onion redirect, or what the redirect will be to.

xSmurf commented 8 years ago

It would be, but it's sadly not possible. Per the CA/B Forum, even though .onion has been accepted as a special TLD by ICANN, only EV certificates are allowable for the TLD, which means that Let's Encrypt DV certs cannot be used. Not something in the realm of the doable right now. I'm debating whether to turn off the certificate entirely on the hidden service, but in the two or so months it's been up only a handful of people have mentioned it. And right now you could at least verify that we own the hidden service by checking the fingerprint on the .com domain from another channel, so it can be useful to the very paranoid (and skilled).

I agree that the onion should be listed on the site, I'll get to that shortly done.

I'm gonna leave the ticket open for others to comment though.
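The fingerprint check mentioned in the comment above can be scripted. This is an added example, not code from the thread or from the Subgraph project: it compares the SHA-256 fingerprint of the leaf certificate saved from one channel against a certificate or a published fingerprint obtained from another. The function names and the sample certificate bytes are constructed for illustration, and fetching the certificates is left out so the block runs offline.

```python
import hashlib
import hmac
import re
import ssl

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----", re.S)

def leaf_fingerprint(pem_text: str) -> str:
    """SHA-256 over the DER bytes of the first (leaf) certificate in a PEM file."""
    match = PEM_RE.search(pem_text)
    if match is None:
        raise ValueError("no PEM certificate found")
    der = ssl.PEM_cert_to_DER_cert(match.group(0))
    return hashlib.sha256(der).hexdigest()

def normalize(fingerprint: str) -> str:
    """Accept 'AA:BB:...', 'aa bb ...' or plain hex, as fingerprints get published."""
    hex_only = re.sub(r"[\s:]", "", fingerprint).lower()
    if not re.fullmatch(r"[0-9a-f]{64}", hex_only):
        raise ValueError("not a SHA-256 fingerprint")
    return hex_only

def matches_published(pem_text: str, published: str) -> bool:
    """Certificate saved from one channel vs. a fingerprint read from another."""
    return hmac.compare_digest(leaf_fingerprint(pem_text), normalize(published))

def same_certificate(pem_a: str, pem_b: str) -> bool:
    """Certificate saved via the .onion vs. the one saved via the .com."""
    return hmac.compare_digest(leaf_fingerprint(pem_a), leaf_fingerprint(pem_b))

# Constructed stand-ins: these are placeholder bytes, not real certificates.
SAMPLE_DER = b"constructed placeholder bytes standing in for the site certificate"
OTHER_DER = b"constructed placeholder bytes standing in for a different certificate"
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)
OTHER_PEM = ssl.DER_cert_to_PEM_cert(OTHER_DER)

if __name__ == "__main__":
    fp = leaf_fingerprint(SAMPLE_PEM)
    colon_form = ":".join(fp[i:i + 2] for i in range(0, 64, 2)).upper()
    print("fingerprint:", colon_form)
    print("matches published value:", matches_published(SAMPLE_PEM, colon_form))
    print("same as other cert:", same_certificate(SAMPLE_PEM, OTHER_PEM))
```

For the clearnet side, `ssl.get_server_certificate((host, 443))` returns the PEM text this code expects; the copy served by the hidden service has to be saved through Tor separately.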

ghostlands commented 8 years ago

Adding mention of the specific .onion domain is the basic thing, that's good for now.