[tor-dev] Of CA-signed certs and .onion URIs
Griffin Boyce
griffin at cryptolab.net
Sat Nov 15 02:50:17 UTC 2014
Fair. What are your thoughts about possible trade-offs with anonymity when using a CA-signed cert?
On November 14, 2014 9:38:02 PM EST, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>On 11/15/14, Griffin Boyce <griffin at cryptolab.net> wrote:
>> Lee wrote:
>>>> c) Get .onion IANA reserved
>>>
>>> It doesn't look like that's going to happen.
>>
>> Yeah. Though the biggest use-case for cert+onion is when trying to
>> match a clearnet service to a hidden service -- such as Facebook or
>> Erowid.
>>
>
>That is false. Using TLS has many use-cases - one that is critically
>important is stronger defense in depth.
>
>All the best,
>Jacob
>_______________________________________________
>tor-dev mailing list
>tor-dev at lists.torproject.org
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20141114/e599cbd9/attachment-0001.html>
More information about the tor-dev
mailing list