[tor-dev] Of CA-signed certs and .onion URIs
griffin at cryptolab.net
Sat Nov 15 02:50:17 UTC 2014
Fair. What are your thoughts about possible trade-offs with anonymity when using a CA-signed cert?
On November 14, 2014 9:38:02 PM EST, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>On 11/15/14, Griffin Boyce <griffin at cryptolab.net> wrote:
>> Lee wrote:
>>>> c) Get .onion IANA reserved
>>> It doesn't look like that's going to happen.
>> Yeah. Though the biggest use-case for cert+onion is when trying to
>> match a clearnet service to a hidden service -- such as Facebook or
>That is false. Using TLS has many use-cases - one that is critically
>important is stronger defense in depth.
>All the best,
>tor-dev mailing list
>tor-dev at lists.torproject.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-dev