[tor-dev] Of CA-signed certs and .onion URIs

Griffin Boyce griffin at cryptolab.net
Sat Nov 15 02:50:17 UTC 2014

Fair. What are your thoughts about possible trade-offs with anonymity when using a CA-signed cert?

On November 14, 2014 9:38:02 PM EST, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>On 11/15/14, Griffin Boyce <griffin at cryptolab.net> wrote:
>> Lee wrote:
>>>> c) Get .onion IANA reserved
>>> It doesn't look like that's going to happen.
>>    Yeah. Though the biggest use-case for cert+onion is when trying to
>> match a clearnet service to a hidden service -- such as Facebook or
>> Erowid.
>That is false. Using TLS has many use-cases - one that is critically
>important is stronger defense in depth.
>All the best,
>tor-dev mailing list
>tor-dev at lists.torproject.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20141114/e599cbd9/attachment-0001.html>

More information about the tor-dev mailing list