Comment by amelius
Ok, but if I run (say) HTTPS over the innermost tunnel, then I suppose that HTTPS will take care of any discrepancies.
Ok, but if I run (say) HTTPS over the innermost tunnel, then I suppose that HTTPS will take care of any discrepancies.
You can indeed use HTTPS with the end server (e.g., accessing Wikipedia). This correctly hides the traffic content from all relays.
To reach this point, though, you first need to set up the Tor circuit itself. This is done in a 'telescopic' fashion: the user connects via TLS to the first relay, then sends a message to extend the circuit to a second relay, then to the third (and usually last) relay. Finally, to open Wikipedia, you send a layered encrypted message to the last relay. All this data is link-protected by TLS on the wire, but protected by Tor's relay encryption mechanism while being processed by the nodes.