Fair. What are your thoughts about possible trade-offs with anonymity when using a CA-signed cert?


On November 14, 2014 9:38:02 PM EST, Jacob Appelbaum <jacob@appelbaum.net> wrote:
On 11/15/14, Griffin Boyce <griffin@cryptolab.net> wrote:
Lee wrote:
c) Get .onion IANA reserved

It doesn't look like that's going to happen.

Yeah. Though the biggest use-case for cert+onion is when trying to
match a clearnet service to a hidden service -- such as Facebook or
Erowid.


That is false. Using TLS has many use-cases - one that is critically
important is stronger defense in depth.

All the best,
Jacob


tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev