[tor-talk] Let's not keep rehashing the past, it's dead already... (Was: Fishy MegaCorpsArchy)
Alec Muffett
alec.muffett at gmail.com
Tue Oct 16 20:11:08 UTC 2018
On Tue, 16 Oct 2018, 09:35 grarpamp, <grarpamp at gmail.com> wrote:
...vast amounts of deletia...
b) Key material
> 1) Holding onion names hostage in [non] custodial /
> contractual form, whether they give subscribers
> the [offline] crypto keys, or sell / rent / extort them,
> portability, multihoming.
>
Um; I can only see this being a risk or threat if you imagine that
Cloudflare is assigning abd surfacing permanent "parallel" onion
addresses/names to their customers.
If you do believe that, then you've misapprehended how Alt-Svc works.
Neither clients nor website owners ever see onion addresses; all the onion
addresses are ephemeral and buried at/below the HTTP layer.
2) Security aganst keytheft breach and subsequent
> impersonation of the sites from behind 7 proxies,
> phishing, etc. Compensation for site and user losses.
>
Ditto; likewise not an issue with Alt-Svc onionification; the mechanism
never surfaces onion keys to the user, and the onions themselves are
short-lived / ephemeral.
- alec
More information about the tor-talk
mailing list