<p>looks good bernard, some general thoughts:</p>
<ul>
<li>did you look into JWT (<a href="https://jwt.io/" rel="nofollow">https://jwt.io/</a> and <a href="https://en.wikipedia.org/wiki/JSON_Web_Token" rel="nofollow">https://en.wikipedia.org/wiki/JSON_Web_Token</a> ) ? Not strictly needed of course, but used it lately and works well.</li>
<li>With letsencrypt SSL has gotten much easier (add some docker containers and you have auto-updating free SSL) so would at least leave the option open for those who have a domain name. Basically an option to either disable TOR or have it running on a non-80 port.</li>
</ul>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/bisq-network/proposals/issues/69#issuecomment-456058772">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AkpZtstTHVHERQ1G73ARIJUNuWtZlS9Qks5vFbNkgaJpZM4aKpN9">mute the thread</a>.<img src="https://github.com/notifications/beacon/AkpZtqZKdZOz30mraTi2D05hz8O-X-u2ks5vFbNkgaJpZM4aKpN9.gif" height="1" width="1" alt="" /></p>
<script type="application/json" data-scope="inboxmarkup">{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/bisq-network/proposals","title":"bisq-network/proposals","subtitle":"GitHub repository","main_image_url":"https://github.githubassets.com/images/email/message_cards/header.png","avatar_image_url":"https://github.githubassets.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/bisq-network/proposals"}},"updates":{"snippets":[{"icon":"PERSON","message":"@mrosseel in #69: looks good bernard, some general thoughts:\r\n- did you look into JWT (https://jwt.io/ and https://en.wikipedia.org/wiki/JSON_Web_Token ) ? Not strictly needed of course, but used it lately and works well.\r\n- With letsencrypt SSL has gotten much easier (add some docker containers and you have auto-updating free SSL) so would at least leave the option open for those who have a domain name. Basically an option to either disable TOR or have it running on a non-80 port."}],"action":{"name":"View Issue","url":"https://github.com/bisq-network/proposals/issues/69#issuecomment-456058772"}}}</script>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/bisq-network/proposals/issues/69#issuecomment-456058772",
"url": "https://github.com/bisq-network/proposals/issues/69#issuecomment-456058772",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>