[tor-talk] Finally a Cloudflare captchas workaround thanks to next-gen onion services?
alec.muffett at gmail.com
Thu Feb 23 08:57:40 UTC 2017
On 23 February 2017 at 08:32, grarpamp <grarpamp at gmail.com> wrote:
> Being tired at the moment to say these numbers correct,
> practically speaking, cloudflare's excuse seems a bit invalid.
To be fair, it's not Cloudflare's excuse, it's the entire CA/Browser Forum
The security community has been caught before by "merely hypothetical"
exploits suddenly appearing in the wild - TCP Sequence Number Prediction
springs to mind - so now the rule is "SHA-1 is bad", it's just been purged
from the certificate world in general, and they'll be damned if they're
gonna let it back in anywhere else.
More information about the tor-talk