[tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation

Jon Tullett jon.tullett at gmail.com
Wed Aug 30 17:56:25 UTC 2017


On 30 August 2017 at 19:18, Roger Dingledine <arma at mit.edu> wrote:
> On Wed, Aug 30, 2017 at 03:07:37PM +0100, Ben Tasker wrote:
>> So his suggestion is portrayed as not sacrificing much, but actually
>> sacrifices quite a lot.
>
> This is a really important point. Thinking of onion space right now as
> the sum total of all that it can be is cutting off all of the future
> innovation.

That's a very good way of putting it. Thanks Roger.


> I think finding ways to tie onion addresses to normal ("insecure web")
> domains, when a service has both, is really important too.
> I'd like to
> live in a world where Let's Encrypt gives you an onion altname in your
> https cert by default, and spins up a Tor client by default to let users
> reach your webserver using whichever level of security they prefer.

Doesn't that risk adding insecurity? If I trust a less secure channel
to authenticate the hidden service, then impersonating the hidden
service may become easier by providing a weaker point of attack, no?
It's not like there's a shortage of demos of people getting
LetsEncrypt (and other CA) certs they shouldn't.

-J

