
[tor-bugs] #18696 [- Select a component]: .onion names contain their own validator, we should use that



#18696: .onion names contain their own validator, we should use that
--------------------------------------+-----------------
     Reporter:  huseby                |      Owner:
         Type:  enhancement           |     Status:  new
     Priority:  Medium                |  Milestone:
    Component:  - Select a component  |    Version:
     Severity:  Normal                |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |   Reviewer:
      Sponsor:                        |
--------------------------------------+-----------------
 Companion bug to https://bgz.la/1250696

 I'd like to get feedback on this proposal.

 The idea is to allow TBB to accept a self-signed trust root cert if the
 hash of the public key matches the .onion address.  This will allow
 servers running as .onion sites to generate strong/modern TLS certs that
 are signed by a self-signed root cert containing the .onion public key.

 This should allow us to get around the DV cert problem and allow valid
 .onion TLS certs to be validated by the .onion name and have strong/modern
 TLS certs.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18696>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
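
The check the ticket proposes, sketched as an added example that is not part of the original ticket or of Tor Browser's code. It assumes the v2 onion naming scheme (base32 of the first 80 bits of the SHA-1 of the DER-encoded RSA public key), which the ticket does not spell out, and that the caller has already extracted the root certificate's public key as DER bytes; the function names and sample key bytes are constructed for illustration.

```python
import base64
import hashlib
import hmac
import re

# Assumed v2 onion label format: 16 base32 characters (80 bits).
_V2_LABEL = re.compile(r"^[a-z2-7]{16}$")


def onion_label_from_pubkey(pubkey_der: bytes) -> str:
    """Derive the 16-character v2 onion label from a DER-encoded RSA public key."""
    digest = hashlib.sha1(pubkey_der).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower()


def onion_label_from_host(hostname: str):
    """Return the onion label of a hostname, or None if it is not a v2 .onion name."""
    labels = hostname.rstrip(".").lower().split(".")
    if len(labels) < 2 or labels[-1] != "onion":
        return None
    label = labels[-2]  # www.<label>.onion is served under the same onion key
    return label if _V2_LABEL.match(label) else None


def root_key_matches_onion(hostname: str, root_pubkey_der: bytes) -> bool:
    """True only if the self-signed root's public key hashes to the requested name."""
    wanted = onion_label_from_host(hostname)
    if wanted is None:
        return False  # fail closed: not a well-formed .onion name
    derived = onion_label_from_pubkey(root_pubkey_der)
    return hmac.compare_digest(wanted, derived)


# Constructed sample input: placeholder bytes standing in for DER keys, not real RSA keys.
SAMPLE_ROOT_KEY = bytes(range(140))
OTHER_KEY = bytes(range(1, 141))

if __name__ == "__main__":
    host = onion_label_from_pubkey(SAMPLE_ROOT_KEY) + ".onion"
    print(host, root_key_matches_onion(host, SAMPLE_ROOT_KEY))  # key belongs to this name
    print(host, root_key_matches_onion(host, OTHER_KEY))        # a different key is rejected
```

A v2 name carries only 80 bits of a SHA-1 digest, so the binding this check provides is no stronger than that truncated hash.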