[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Ordering a .onion EV certificate from Digitcert
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Well,
I personally think the CA mechanism is broken, so letsencrypt would be the better choice of the bad ones.
Maybe the tordevs could implement a mechanism for selfsigned certs with the key mechanism of the hidden service itself to avoid the need of a CA...
Am 15. Dezember 2015 22:24:05 MEZ, schrieb Aymeric Vitte <vitteaymeric@xxxxxxxxx>:
>For what use exactly? ie why people should want a TLS certificate for a
>.onion, which by definition is something not tied to an official
>"domain", like anything that has no other choice than using self-signed
>certificates?
>
>Something can be done to verify that someone owns the .onion "domain"
>and probably we should study this (for letsencrypt for example) and get
>rid of this notion of "domain" which is obsolete, please take a look at
>this thread
>http://lists.w3.org/Archives/Public/public-webapps/2015OctDec/0205.html
>(follow the previous posts if you have time, this addresses the very
>same problematic, including letsencrypt), still not convincingly
>answered (despite of the fact that the W3C obviously does not follow
>its
>security policy for WebRTC), since people there seem to find a kind of
>funny the Tor protocol but, happier for the planet, succeeded to secure
>it with a fb .onion certificate.
>
>Le 15/12/2015 17:09, Fabio Pietrosanti (naif) - lists a Ãcrit :
>> Hello,
>>
>> we asked on Twitter to Digicert to provide a quick guide on how order
>an
>> x509v3 certificate for TLS for a .onion, they've just published this
>> small guide:
>> https://blog.digicert.com/ordering-a-onion-certificate-from-digicert/
>>
>> Hopefully other CA will follow and at a certain point letsencrypt
>too.
>>
>
>--
>Get the torrent dynamic blocklist: http://peersm.com/getblocklist
>Check the 10 M passwords list: http://peersm.com/findmyass
>Anti-spies and private torrents, dynamic blocklist:
>http://torrent-live.org
>Peersm : http://www.peersm.com
>torrent-live: https://github.com/Ayms/torrent-live
>node-Tor : https://www.github.com/Ayms/node-Tor
>GitHub : https://www.github.com/Ayms
>--
>tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>To unsubscribe or change other settings go to
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
- --
We don't bubble you, we don't spoof you ;)
Keep your data encrypted!
Log you soon,
your Admin
elrippo@xxxxxxxxxxxxxxxxx
Encrypted messages are welcome.
0x84DF1F7E6AE03644
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (GNU/Linux)
mQINBFH797MBEAC0Y0NeI7lmDR9szTEcWuHuRe0r/WjSRC0Nr5nXsghuMcxpJ3Dd
BOBimi4hdMMK4iqPVMwNw6GpKYR3A9LHHjbYRXHUKrJmB+BaJVyzJXN5H6XvxTTb
UfX+DaXAGJW/G+3cBB3qm/QaU8QGkBKfXq0DLTaTGPkGKxEAldj/8onGZhawdJs+
B92JrW+S2HDh15pIuXzSqe7eCcIOdvvwfWe0fJi2AraA7LYGpxP6GcC/b9JJpbq5
Y6DfE2Aun9ZK3iHqURyrms0Whbv1CgmUahL2MVYCsTsXwe0GwlAxxKvjXAiXuo+R
9wO5wsXvVVSVNqsk9Yqi+wYzdPKndTU0GyxSApQHroF+cxaZ8Lk0xloj18+LdCSs
e5IiTSXH0MMsDdWWdHlrgk+bgDG+0Gu3ne4vMwGdKO7AhYgQW/ueMy4RnkG/nsV9
jry5BO4gGAI1Ij8KvqUzEnvJFGE3ptJogU+zazWWDUWmL3ecKb3aDRlJFnZ3kJ5h
q8GolZVjpk99V+4B5WVRPXdej/p5J19tXycK/jdNmr4oC8NyUhIpe8xHELnfoB4z
+rxiTx+KMnW0rY8EQg8O2ixEYt5my90IwQkxcxIxextVrqjJjYn8extc2/v8yGzI
KmTEJxdADB5v/Jx4HiLHNDSfBUb8gfONCkNSTYvTcSwTjWzHOkXeE/9ZbQARAQAB
tD5lbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0ZWQpIDxlbHJpcHBvQGVs
cmlwcG9pc2xhbmQubmV0PokCOAQTAQIAIgUCUfv3swIbLwYLCQgHAwIGFQgCCQoL
BBYCAwECHgECF4AACgkQhN8ffmrgNkT8+BAAoAXBqu4/O2Cs5FSWWZpzgScNEgq7
uHhOKeYmRfgKlOUPoYlPB1DBqdOAXSKb9OvsmyOvpoGnqijB7aAJBoyQYW/OCQgd
U8L4eTCf4yRZnfFLdgskcPfN1p0Rs/yinGEooBJFtYa7mT6J0UTW2JjCLZK2AFCW
oF+KBu5JICXGBXigb2ZbX1jWjxP5H1RidQw6HF5z4z34SjLWAOOeZ8B/Xfz6Fs0s
IAuLu2O4HE4DI8Qu196LhSVHHgr3uMTkvN1t5nKwyjrRQztwXXk9qIomII3ydNYb
BYAGdWNNMfLb1kmDwC5wQHAFvSP1aiMF3aKAY+gl2wXSGO6JqM0SteJS3dytIljI
kzu0atc9HuGs/HDQgdmpAS4WU2YefEr/WieltSiAKlwuC+3wg+CONJ6TE1vgNDU/
axerttb0jq7UQb/nAp05bsrB7XH1Vs+1ON9lUPEfWRmwQcrVK5JUrUWa/4tA/UeM
XvFcPFtFluGTlLewgJIqcvjPXFwpbDZprXJsMkwew/A6B6n3+0sbgf7p3QSGkVbi
dwQAymTbHdYqLnbcnKZhjto3Wjw1J5QB2wuiRYlpjV3i7AWTGlqoSTOWCCV+HamQ
qeFYNYAWNFx3+J/oi7xDi8t9bHVNA205equ+y2sj3G5uGJ6LSHQ8AXp9uOipUUvU
1MJN0yLXr9PIwvi5Ag0EUfv3swEQAL0+MnxHGrTjSYdfdua4SBpmytDONM1EngeY
s+WyaC/760MughKbaysI/nK2LB1vnwEY7f3NM4fxBx8u2T7VBm6Ez6Fs23Bb8Rkz
f97bPSdxCmg64GPHfLA9uwTIXcYS+MpI86WOf6eWY0rRpf7Y9Nl7YoUNvzOyUPqc
ggdcnHce8zYv7A/WS8flZDm8tVFPsHrQDEwNMws7ZhiNnHkeZeRJrvCuB7oEVich
O/ROYoA5o6NozWYQbjxe1f6Yur4Q10qgVcxVnyLFJSbg6vZSzL7KYh3Z5iBOzPHt
7cwEDrW8W4Kl2Qj8rhJ4Wxs94CAtua7IXK44sVZWQbyHcOXRikgGMZKkEZzVCQa5
KD1u1ZrcBCyuMAir0hsmS3jhCUwpiE2c3SRk8O8CgixhTcBk0X/k9ZFu3Hbi1JMB
FLzs/Nq3tYAYvVivhPloSxmYBPsafYHCZM83yBNNsralXh5zjB+di90G+AMXt2PN
LTcdovZuWtC0s8/jrx+zv/AA4FAGYU9OVl+YL9ybFX8gSdMEcixyzQcKfiFBjpWv
5iFrwIuDlaXMcheyrhc9aGOxfx44OXc505+VjO/1Q/8EOWlJ6UwOi6GMkj5T+RFJ
MDyP0UixS7dt6wTuD5t6PRuyWWxZswgrbL9hjwGFr154Z19TWeNWc23pWtUvQJos
UCxl2nFHABEBAAGJBD4EGAECAAkFAlH797MCGy4CKQkQhN8ffmrgNkTBXSAEGQEC
AAYFAlH797MACgkQJEPd69lQ0evA+Q/+M7lSFlrQWiRsFqDjh+kTJc+0OEBCvnfo
N2KPyXXbfc//qup55PfEygE6C60zvrlv3WE33GZ5GS5MLuDMP82b+a5Yt16NQU7L
WtAg1g0S0BvazW+28TgnfO8bhbGaFeE9ccw3xLmlbwZQ3f3LtMKdwFIROiG6hvAs
9U54QYti3tv9DowRYYWpdr0Ga8RqeGNtCKc0v2opy51MpzKWjwUW0i3XlSlyY8Lj
1KT8PyznNPw32nYpmDizz+0OUJNnn/kT+GnFoR3DJnFosTOrnxFJp+N+nejMp/gW
r9NM0/E7H+P53IiytBOt5/0vsOaCFGdYGhKEjmJi3dHS4Xk1ObD1mjdD1YDOlWWU
3Md6BDHd4W7Q8gT7oQfTIMLd3HzV+WNPIdocPLBaeA/tRD8Pg5CCmncAmSub4F5T
An7FlnACtSOv3cIWQ0TymS42DihDaJ5d1RvNzKw+zHYdPvf471JFZR3TDhkPbLIr
9czR7kbpnXRwchgwXQn306NVWf37TgA8wpbnFTazZ38iOeqcb9oKprqnbgEdr3PN
OhKSlMTkzAqf3MEi2Fyua4BADMhS3oBwCRgDTlt6wquEytpNSlZaHnyiyIgOpekF
Uy5K3w8NhHqeifRPrNb/UcCbXtXz+puqIEZHMenpv6FRlTTKpdoHoVXSkp1TPMGN
/VaCiLbP4Z3xEw/9EbAJJkhmmx1Qw3ueoqc4h1MmhUtIdxSZ/oA9SjwlnY++zvaZ
6w1wTS4P+OUkETNDtItdpxXMJ9qfSy9voAQc2K43WMZCCmpPJYSdqaZZNPFj+Ne8
6FNtNKuUkXREybpHwlVAXnHzInmFOOM9RAmF70r3zEmKt77W1ztBLo2o9X79gPgL
u9ThgrH6Oc2k46n+9nc3joccr7miiX/bp976DNWcWdOYThiSSOCb8Zw9/Zs935i1
wUVkYTj24tmBH4H5ov9ib7RPmU21ru458RbUKG0ONAqBtAHNyXHzUnXsrke+D4VW
MI06YcXSk8YeYgQ8GxgHQc+W2bb8LIbKN1hEYJ0wzM62vKR2/Oiwuf8lXutIKTuz
+v7Vj1PQd66DGHsxtWRaWnr1c54JTL2wICHJYKFH4grp7864+GL/uQ1O/Z/XxVku
E1JQ/AnwBGU1M1S6otwWGWVRjzEzQtxsfcCEPvV/9td3FIFQAbGTPb+48XFU+TY9
8AlcXBlDzXq7c5f8Evn/oSIsZDt63K4HNTmMGqOTl/p1aA0e4eyX76LczY06rDP5
GMSNs+AHmYgZiS4RYhRUIvS9uLXMnnDAMYst0SDl2orDUUeHBTzu0rchyknBZMGP
p5wQuWQ9CFlV+dj3UYbrBwC1lTkAMXRG2vlhA0V0TZqos7A5D4VHgSUQQjE=
=otlL
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1
iQJcBAEBCgBGBQJWcI3TPxxlbHJpcHBvIChrZWVwIHlvdXIgZGF0YSBlbmNyeXB0
ZWQpIDxlbHJpcHBvQGVscmlwcG9pc2xhbmQubmV0PgAKCRAkQ93r2VDR66MGEACV
oVjGTsoHXsJ7ygK2ZdLEeI7yjdHnn1gxV0qytE3cqP8oYUU651OR8jc86hCeWxgs
yzL8ymdDkPmGO9TeyZ5qAUePBwrblQrLJyWpet1MKiQtypwbtNqjkfeehkuBDASL
HXqQz4Zc8iR7xELdATxgGlWlUBdrao3vKncrrg+hiikOpcBDNYfCcWB/ji9eRovf
SnSgsAngYnQlZYpKFHxV/TiljccIS6qhmiWfBtc+X+J4J8WPDRfqSeHkg1qurt3I
GvtcXJyTQa7VBR8AoSU5w4ZkPAsMdCJY8ZFSfrVepsDkM7tDepUuCIjASE8MH3OR
GXS4rwL61A35opRsVFi3o778zTQc3a2T+wG+MJDUIZ2MhVTc/st0l1OANmAirhM4
x9l4Wn+w7TCGjWmbRIYvfGzYuqd++bQ+mE/ZS1VT/SSYf6+u6zL5WMDHSlHsrk/O
eaC7c1Ri38wdNZPHUU062rPS53siK6cwUJ6Vs6fFLXWM9zTf5Yz2B6Z7GqNyJXn6
1NDNcf3GYfBDIzE9Fam0NTKqK77/ZwAUoDrX9VqSDifOENB3AC3P7BGxMrnYOBBq
e+5byw3ZYDYQsuD+62bz9q4tNhu9IMeSUSU4xUBZIjJLo2/IEBbkiAIROwprs/7y
hwuao/lCp3eoYWxl8NrYDXh1PpLsR3Q92VETHv+78A==
=FXVx
-----END PGP SIGNATURE-----
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk