[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Using hidden service key with TLS client authentication

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] Using hidden service key with TLS client authentication
From: techmetx11 via tor-dev <tor-dev@xxxxxxxxxxxxxxxxxxxx>
Date: Sun, 7 Jun 2026 20:44:50 +0100
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
Reply-to: techmetx11 <techmetx11@xxxxxxxxxxx>
User-agent: Betterbird (Linux)

Hi tor-dev mailing list,

Is there a way to capsulate a Tor hidden service Ed25519 private keyinside a TLS EE certificate and use it in TLS?

I wanted to use this specifically for XMPP's server-to-server TLSconnections, which uses mTLS to prove if the client connecting is whothey say they are. Currently with XMPP Tor server-to-server connections,we have to use dialback (telling the server to connect back to theclient to authenticate its identity,https://xmpp.org/extensions/xep-0220.html) to prove it, which is alegacy and insecure form of server-to-server authentication

If this is possible, then it would get rid of a reason to keep dialbackaround and less roundtrip for the server authentication.


Kind regards,

techmetx11

_______________________________________________
tor-dev mailing list -- tor-dev@xxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to tor-dev-leave@xxxxxxxxxxxxxxxxxxxx

Follow-Ups:
- [tor-dev] Re: Using hidden service key with TLS client authentication
  - From: Jeremy Rand via tor-dev

Prev by Author: [tor-dev] Re: Using hidden service key with TLS client authentication
Next by thread: [tor-dev] Re: Using hidden service key with TLS client authentication
Index(es):
- Author
- Thread