<html><head></head><body>Fair. What are your thoughts about possible trade-offs with anonymity when using a CA-signed cert?<br>
<br><br><div class="gmail_quote">On November 14, 2014 9:38:02 PM EST, Jacob Appelbaum <jacob@appelbaum.net> wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre class="k9mail">On 11/15/14, Griffin Boyce <griffin@cryptolab.net> wrote:<br /><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #729fcf; padding-left: 1ex;"> Lee wrote:<br /><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #ad7fa8; padding-left: 1ex;"><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #8ae234; padding-left: 1ex;"> c) Get .onion IANA reserved<br /></blockquote><br /> It doesn't look like that's going to happen.<br /></blockquote><br />    Yeah. Though the biggest use-case for cert+onion is when trying to<br /> match a clearnet service to a hidden service -- such as Facebook or<br /> Erowid.</blockquote><br /><br />That is false. Using TLS has many use-cases - one that is critically<br />important is stronger defense in depth.<br /><br />All the best,<br />Jacob<br /><hr /><br />tor-dev mailing list<br />tor-dev@lists.torproject.org<br /><a
href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev</a><br /></pre></blockquote></div></body></html>