On Wed, Nov 19, 2014 at 1:05 AM, Tom Ritter tom@ritter.vg wrote:
At that point, they can tell me whatever they want
Some of them will ;)
So I'm not sure I understand the attacks you're talking about.
this .onion SSL bypass stuff into little-t tor, I'm talking about making it a Tor Browser Extension - if that crossed our wires.
Cert infrastructures can make linkphisher proxies harder and gives options to users and operators as well as an actual layer of traditional browser to webserver crypto. Disabling warnings there for all of .onion doesn't. And certainly disabling them for pinned certs and CA's wouldn't.
As before, extending TBB to skip warnings for HS pubkey signed certs of respective single onions seems fine.
It's true that if, on the relay hosting the HS, you forwarded it to another machine and that connection was attacked (between your webserver and your HS relay) - the connection would be insecure.
Your webserver can/should enforce TLS for that connection regardless if it's on localhost or the other side of the planet via clearnet or some other transport.