[tor-talk] Giving Hidden Services some love
Josef 'veloc1ty ' Stautner
hello at veloc1ty.de
Sat Jan 3 00:09:46 UTC 2015
I totally agree with you.
While the Tor network already provides crypto, an on-top encryption wouldn't be bad.
If one security layer has holes there would be an additional layer/fallback.
Am 03.01.2015 00:55 schrieb s7r <s7r at sky-ip.org>:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Now why would we use https on top of a Tor Hidden Service?
>
> http://foo.onion is not the same as http://foo.com
>
> The regular internet (clearnet) domains, when used with http, do not
> provide any kind of encryption or authentication and are vulnerable to
> man in the middle attacks and wiretapping.
>
> .onion Tor Hidden Services _already provide end to end encryption and
> authentication_ when used with the default http. They are not
> vulnerable to man in the middle attacks or hijacks. On top of this
> primary layer of encryption, there are more crypto layers in the Tor
> circuits connecting a client to a hidden service.
>
> Maybe the crypto currently used in hidden services is not considered
> _very_ strong with nowadays available computing power, but adding an
> additional layer of encryption using the commercial CA model seams
> like the wrong way to do it. Why? Because facebook did it (they were
> the first ones as far as I Know), it means now this is somehow a
> requirement?
>
> I encourage the work on new generation hidden services, which will
> have better security and better end to end crypto. We do not need
> commercial CA's in a Tor hidden services for various reasons,
> including but not being limited to the fact that when you purchase a
> SSL certificate you leave another money trail and provide details to
> make a payment / place an order, hurting the anonymity of a hidden
> service. Why would you pay for something which Tor already does, and
> even does it better?
>
> P.S. I personally have _way more trust_ in the RSA1024 and SHA1
> implementation used in current Tor Hidden Services design than in a
> publicly available CA.
>
> Rather than spending time to convince commercial CAs to sign .onion
> domains, better spend that time to find sponsors in order to enable
> coders and skilled persons to work on next generation hidden services.
>
>
> On 1/3/2015 1:23 AM, Josef 'veloc1ty' Stautner wrote:
> > Why does Tor have to setup an official CA and passing some audits?
> > Are they even public?
> >
> > And why should Tor even rely on that broken CA system? In my
> > opinion a self signed certificate is the best way at the moment to
> > ship. The tor developers should invest some time in the CA topic
> > after Tor becomes a well-known and accpeted network.
> >
> > ~Josef
> >
> > Am 03.01.2015 um 00:06 schrieb Moritz Bartl:
> >> On 01/02/2015 06:03 AM, Virgil Griffith wrote:
> >>> Being a CA for .onion seems a reasonable thing to be. Should
> >>> someone already part of the Tor community like torservers.net
> >>> become that CA?
> >> I don't think becoming an official CA (ie. passing the audits
> >> required for inclusion in major browsers) is something we should
> >> spend our already limited time on.
> >>
> >
> >
> >
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
>
> iQEcBAEBAgAGBQJUpy/6AAoJEIN/pSyBJlsRSHUH/0KlnYp/CC8CuGzSWLra3m6G
> d4dy9To1AOLWAnOzZ9H7KSXVxxg8SSHr+fXT35Uz483lxN7204vfGHvXc13mzmXW
> Dy9JM7RS5BXz5a3l7/dxm9Ch7gBr6MQLsVLUJ+5aMjvFY0icnO9z1Xu/CMAYnhrx
> 1aeYNppGY2eiOsZNUUm2pmPYAPGr/cAarOzRlFvTwHsdaj1IfPPtYkO2ZoPLg+6y
> HqW+Z+YejwRUZcaksNBdM6qVRjrK80MKX2LfIzU60Mj++chepPpUSYPe1n/5uY6c
> udd7spOTccawEgpa/XXwQZNHeCoQYXNZX9evCRSilNzvNudgWA4BK5jXXUoQHt8=
> =LbQ9
> -----END PGP SIGNATURE-----
> --
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
More information about the tor-talk
mailing list