Re: [tor-talk] Ordering a .onion EV certificate from Digitcert

[Aymeric Vitte <vitteaymeric@xxxxxxxxx>]

For what use exactly? ie why people should want a TLS certificate for a
.onion, which by definition is something not tied to an official
"domain", like anything that has no other choice than using self-signed
certificates?

Something can be done to verify that someone owns the .onion "domain"
and probably we should study this (for letsencrypt for example) and get
rid of this notion of "domain" which is obsolete, please take a look at
this thread
http://lists.w3.org/Archives/Public/public-webapps/2015OctDec/0205.html
(follow the previous posts if you have time, this addresses the very
same problematic, including letsencrypt), still not convincingly
answered (despite of the fact that the W3C obviously does not follow its
security policy for WebRTC), since people there seem to find a kind of
funny the Tor protocol but, happier for the planet, succeeded to secure
it with a fb .onion certificate.

Le 15/12/2015 17:09, Fabio Pietrosanti (naif) - lists a écrit :
> Hello,
> 
> we asked on Twitter to Digicert to provide a quick guide on how order an
> x509v3 certificate for TLS for a .onion, they've just published this
> small guide:
> https://blog.digicert.com/ordering-a-onion-certificate-from-digicert/
> 
> Hopefully other CA will follow and at a certain point letsencrypt too.
> 

-- 
Get the torrent dynamic blocklist: http://peersm.com/getblocklist
Check the 10 M passwords list: http://peersm.com/findmyass
Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk