[tor-dev] DoH over non-HTTPS onion v3

nusenu nusenu-lists at riseup.net
Sun Jun 17 00:15:00 UTC 2018


Hi,

this is just a short heads-up.

I'm currently tinkering about how we could
improve DNS security and privacy for tor clients. My idea write-up is not done
yet but since the IETF DoH WG [1] is proceeding towards their next steps
I wanted to move now before it might be too late and let you know that I
might ask them if they want to allow non-HTTPS URIs in the case of
onion v3 addresses (currently HTTPS is required). This might be handy for TB in the future.
If you have objections let me know.

I also reached out to Seth Schoen and asked him about his
efforts to make onion v3 DV certificates acceptable to the CA/Browser Forum 
(if that is possible then the HTTPS requirement isn't a problem for DoH over onion v3).

regards,
nusenu


[1] https://datatracker.ietf.org/doc/draft-ietf-doh-dns-over-https

-- 
https://mastodon.social/@nusenu
twitter: @nusenu_
