[tor-talk] Proposed DV certificate issuance for next-generation onion services

Seth David Schoen schoen at eff.org
Fri Nov 3 00:23:33 UTC 2017


Coinciding with the Tor blog post today about next-generation onion
services, I sent a proposal to the CA/Browser Forum to amend the rules
to allow issuance of publicly-trusted certificates for use with TLS
services on next-generation onion addresses (with DV validation methods,
in addition to the currently-permitted EV methods -- thereby permitting
individuals as well as anonymous service operators to receive these
certificates).

https://cabforum.org/pipermail/public/2017-November/012451.html

Thanks to various people here for discussing the merits of this with me.
We'll see what the Forum's membership thinks of the idea!

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107


More information about the tor-talk mailing list