On Sun, 28 Oct 2007 10:23:23 +0100 (CET), Anonymous wrote:

>> I'm soooooo confused by all the details! Sorry.
>>
>> It seems you are saying two things here (are you?)
>> 1. Using http://mail.yahoo.com is not safe over a Tor network
>> (because the Tor operator gets your password every time)
>> 2. Using https://mail.yahoo.com is safe (is it?)
>
> Yes. That is correct.
>>
>> The whole point of this question was to ask if http(s) protected my
>> password from recreant Tor operators. Does it or does it not?
>
> It absolutely does, as long as acceptable standards of SSL use are
> adhered to. And of course assuming nobody finds a hole in SSL itself.

And if the moons rise above the planet and giants eat Mars thinking it's
a candy bar.
--
"You can't trust code that you did not totally create yourself"
Ken Thompson "Reflections on Trusting Trust"
http://www.acm.org/classics/sep95/