[tor-talk] Giving Hidden Services some love

Josef 'veloc1ty ' Stautner hello at veloc1ty.de
Sat Jan 3 00:09:46 UTC 2015


I totally agree with you.

While the Tor network already provides crypto, an on-top encryption wouldn't be bad.

If one security layer has holes there would be an additional layer/fallback.

Am 03.01.2015 00:55 schrieb s7r <s7r at sky-ip.org>:
>
> -----BEGIN PGP SIGNED MESSAGE----- 
> Hash: SHA1 
>
> Now why would we use https on top of a Tor Hidden Service? 
>
> http://foo.onion is not the same as http://foo.com 
>
> The regular internet (clearnet) domains, when used with http, do not 
> provide any kind of encryption or authentication and are vulnerable to 
> man in the middle attacks and wiretapping. 
>
> .onion Tor Hidden Services _already provide end to end encryption and 
> authentication_ when used with the default http. They are not 
> vulnerable to man in the middle attacks or hijacks. On top of this 
> primary layer of encryption, there are more crypto layers in the Tor 
> circuits connecting a client to a hidden service. 
>
> Maybe the crypto currently used in hidden services is not considered 
> _very_ strong with nowadays available computing power, but adding an 
> additional layer of encryption using the commercial CA model seams 
> like the wrong way to do it. Why? Because facebook did it (they were 
> the first ones as far as I Know), it means now this is somehow a 
> requirement? 
>
> I encourage the work on new generation hidden services, which will 
> have better security and better end to end crypto. We do not need 
> commercial CA's in a Tor hidden services for various reasons, 
> including but not being limited to the fact that when you purchase a 
> SSL certificate you leave another money trail and provide details to 
> make a payment / place an order, hurting the anonymity of a hidden 
> service. Why would you pay for something which Tor already does, and 
> even does it better? 
>
> P.S. I personally have _way more trust_ in the RSA1024 and SHA1 
> implementation used in current Tor Hidden Services design than in a 
> publicly available CA. 
>
> Rather than spending time to convince commercial CAs to sign .onion 
> domains, better spend that time to find sponsors in order to enable 
> coders and skilled persons to work on next generation hidden services. 
>
>
> On 1/3/2015 1:23 AM, Josef 'veloc1ty' Stautner wrote: 
> > Why does Tor have to setup an official CA and passing some audits? 
> > Are they even public? 
> > 
> > And why should Tor even rely on that broken CA system? In my 
> > opinion a self signed certificate is the best way at the moment to 
> > ship. The tor developers should invest some time in the CA topic 
> > after Tor becomes a well-known and accpeted network. 
> > 
> > ~Josef 
> > 
> > Am 03.01.2015 um 00:06 schrieb Moritz Bartl: 
> >> On 01/02/2015 06:03 AM, Virgil Griffith wrote: 
> >>> Being a CA for .onion seems a reasonable thing to be.  Should 
> >>> someone already part of the Tor community like torservers.net 
> >>> become that CA? 
> >> I don't think becoming an official CA (ie. passing the audits 
> >> required for inclusion in major browsers) is something we should 
> >> spend our already limited time on. 
> >> 
> > 
> > 
> > 
> > 
> -----BEGIN PGP SIGNATURE----- 
> Version: GnuPG v2.0.22 (MingW32) 
>
> iQEcBAEBAgAGBQJUpy/6AAoJEIN/pSyBJlsRSHUH/0KlnYp/CC8CuGzSWLra3m6G 
> d4dy9To1AOLWAnOzZ9H7KSXVxxg8SSHr+fXT35Uz483lxN7204vfGHvXc13mzmXW 
> Dy9JM7RS5BXz5a3l7/dxm9Ch7gBr6MQLsVLUJ+5aMjvFY0icnO9z1Xu/CMAYnhrx 
> 1aeYNppGY2eiOsZNUUm2pmPYAPGr/cAarOzRlFvTwHsdaj1IfPPtYkO2ZoPLg+6y 
> HqW+Z+YejwRUZcaksNBdM6qVRjrK80MKX2LfIzU60Mj++chepPpUSYPe1n/5uY6c 
> udd7spOTccawEgpa/XXwQZNHeCoQYXNZX9evCRSilNzvNudgWA4BK5jXXUoQHt8= 
> =LbQ9 
> -----END PGP SIGNATURE----- 
> -- 
> tor-talk mailing list - tor-talk at lists.torproject.org 
> To unsubscribe or change other settings go to 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk 


More information about the tor-talk mailing list