Kerberos Privacy Policy
This document describes how the Kerberos darknet market documentation hub processes information and preserves user anonymity across all services, mirrors, and onion endpoints.
Kerberos neither collects nor processes personal identifiers. There are no analytics scripts, cookies, or third‑party beacons. Server access logs are disabled at onion level, keeping connection metadata ephemeral and non‑retrievable. All front‑end pages are static assets accessible without JavaScript.
All Kerberos onion links function exclusively through the Tor network. We discourage access via clearnet proxies, web gateways, or mirror aggregators. Requests made outside Tor’s .onion service boundary are automatically void and never logged. This ensures route encryption, circuit obfuscation, and IP irrelevance.
Every official Kerberos release, fingerprint list, and update post is cryptographically signed using the Kerberos verification PGP key. Users are responsible for validating PGP signatures before trusting any downloadable or textual content. You may import the public key available on Official Mirrors to verify communications authenticity.
Kerberos sessions are stateless. No identifiers, IP addresses, user agents, or timestamps are stored symmetrically or temporarily. Even administrative actions are executed via signed, isolated relay messages that leave zero traces. This makes Kerberos resilient to forensic reconstruction attempts.
No personally identifiable logs exist. Cached files or mirror checks are performed locally within Tor memory and flushed upon reload. Back‑end verification servers use ephemeral containers that self‑destroy every 24 hours and rotate encryption keys automatically.
Kerberos occasionally references external darknet domains for educational context. We do not endorse, control, or guarantee their integrity. Users follow external URLs at their own discretion. Always verify foreign PGP signatures and apply sandboxing methods discussed in the Security Guide.
Kerberos documentation servers enforce TLS v1.3 for clearnet preview access and end‑to‑end onion encryption for mainline usage. All internal messages utilize AES‑256‑GCM and SHA‑3 hashing during transfer, while PGP is used for persistent verification.
As no identifiable information is ever collected, conventional GDPR‑style data subjects’ rights (access, correction, deletion) are non‑applicable. Equality of anonymity is guaranteed — every session remains identity‑free by design.
Changes to this policy are signed with the Kerberos verification key and mirrored identically across all onion endpoints (primary + backup). Always verify signature hashes before applying the new rules.