[tor-talk] General question regarding tor, ssl and .onion.

Alec Muffett alecm at fb.com
Sun Aug 9 12:58:05 UTC 2015 

On Aug 8, 2015, at 4:16 AM, Seth David Schoen <schoen at eff.org> wrote:
> 
> There is an ongoing discussion about how seriously one needs HTTPS with
> a .onion address.  There is already end-to-end encryption built into the
> Tor hidden service design, so communications with hidden services (even
> using an unencrypted application-layer protocol like HTTP) are already
> encrypted.

I’d like to echo the contents of this thread so far - it appears to be well-grounded in reality - but add that "lack of SSL" would have been a deal-breaker for Facebook’s deployment of an Onion site.  It would have not happened.

The reason is simply that HTTP and HTTPS have diverged (and are apparently likely to diverge further?) in how they treat (eg:) secure cookies, and rolling a custom version of our codebase to know and understand that “HTTP over Onion” will/may/will-not have features like referrer-scrubbing or CORS in a HTTPS-sympathetic manner (whilst the scheme in the request still *says* that it arrived over HTTP) would be complex.

I personally feel that to expect more common codebases such as Wordpress or Drupal to special-case Onion addresses would be presumptuous, be unlikely, add cost, and inhibit Onion adoption. Making “Onion” into a security “special case” for HTTP would be a nightmare as Randall Munroe explains: https://xkcd.com/927/ <https://xkcd.com/927/>

My personal preference is to think of “.onion” as the better-than-opportunistic crypto we once sought from IPsec+AH+ESP, since it’s clearly a transport protocol - after all, you can run SSH over it - and then layer vanilla HTTPS over that.  Other than extraordinarily contrived threat model circumstances, I cannot see a reason not to have both. Informal chats with folk near the CA/B-Forum have suggested that non-corporate/non-EV Onion certs may be a possibility in the future.  It might be good to have a few of them around as examples in order to be exemplars of that need.

    -a

—
Alec Muffett
Security Infrastructure
Facebook Engineering
London

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150809/4ff07986/attachment.sig>

More information about the tor-talk mailing list