[tor-dev] SOOC (Same Origin Onion Certificates) discussion tomorrow

Drew at FoundingDocuments.org Drew at FoundingDocuments.org
Tue Mar 10 15:32:30 UTC 2020


I am very sorry I am missing this! It sounds very interesting I wanted to listen and learn, but I’ having a very tough time connecting to the OFTC webchat. It seems slow or something. I finally got through but then it told me I needed to do a bunch of administrative stuff, so am currently locked out.

However, I noticed this a few weeks ago but haven’t seen it mentioned here. 
https://community.letsencrypt.org/t/if-when-will-le-support-onion-addresses/341/85

See post #85. 

Back to slogging through trying to get into #tor-meeting. 

> On Mar 9, 2020, at 4:10pm, Richard Pospesel <richard at torproject.org> wrote:
> 
> Hi Everyone,
> 
> The current UX situation around HTTPS-enabled onionsites is not the
> best: Tor Browser shows security warning splash screens and icons in
> scenarios that do not warrant them. On top of that, the only way for
> your onion site to not show these warnings is by getting an EV cert
> which is only practical if you have the $$$.
> 
> alecmuffet's SOOC proposal (
> https://github.com/alecmuffett/onion-dv-certificate-proposal/blob/master/text/draft-muffett-same-origin-onion-certificates.txt
> ) does seem to fix these UX problems for us. Though the proposal is
> still incomplete, we can make forward progress with a prototype
> implementation as the certificate specification is fully fleshed out.
> 
> We'll be talking about this tomorrow during the Sponsor 27 meeting
> tomorrow on Tuesday 10th May @ 1500UTC in #tor-meeting. Please feel free
> to come by if you wish to discuss.
> 
> best,
> -Richard
> 
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev



More information about the tor-dev mailing list