[tor-relays] tor hidden services & SSL EV certificate
Paul Syverson
paul.syverson at nrl.navy.mil
Wed Dec 30 12:55:38 UTC 2015
On Tue, Dec 29, 2015 at 12:27:06PM -0900, Jesse V wrote:
> On 12/29/2015 11:18 AM, Aeris wrote:
> >> A few hidden services have added an
> >> HTTPS cert but I think that's more for a publicity stunt than anything
> >> else.
> >
> > As indicated in Roger’s lecture, HTTPS is useful for HS:
> > - browsers handle cookies or other stuff more securely in HTTPS mode,
> > avoiding some possible leaks
> > - because anybody can create an HS and proxify any content, X.509 certs
> > allow users to verify the authenticity of the HS (you are on the official
> > Facebook HS if you have a cert with facebook.com *AND* facebookcorewwwi.onion
> > inside)
> >
>
> I've downloaded the .webm of Roger's lecture but haven't had the time
> today to listen to it. My point was that HSs already have an
> authentication mechanism and it's assumed that you can verify the
> address through some trusted out-of-band method, so in that case you
> don't need an SSL cert. This can sometimes be superior to trusting the
> centralized CA model, but I agree that the points you've listed are
> useful applications as well.
>
In case it is helpful, Griffin Boyce and I have a paper forthcoming in
IEEE Security & Privacy Magazine on this topic. The final editorial
changes are not in, so it might change a little, but you can find the
hopefully-close-to-final version at
https://github.com/saint/w2sp-2015/blob/master/SP_SPSI-2015-09-0170.R1_Syverson.pdf
It covers
- How the self-authentication of onionsites that Jesse has been noting
  and the SSL certs for registered-domain websites that Benoit asked
  about can complement each other in a variety of ways---and not just
  for big companies but for individuals, small businesses, local
  organizations, clubs, sports teams, etc.
- The current state of certs for onionsites (EV only), and what
  the issues are that stand in the way of DV certs and a proposal
  for resolving them.
- How this can all dovetail nicely with Let's Encrypt (an issuance
  and usage design that binds things together nicely so it is hard to
  undetectably set up a spoof onionsite of another onionsite
  of a registered-domain site, etc. and vice versa) once DV certs
  are allowed.
- A description of using GPG that can be done right now while waiting
  for the world to catch up, and an existing example of a site that
  does such binding (from a small site operator who found his hosting
  provider was blocking access from the Tor network). We just cited
  one such example in the paper, but there are of course others, e.g.,
  https://blog.patternsinthevoid.net/isis.txt
aloha,
Paul