[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Re: Using hidden service key with TLS client authentication

To: techmetx11 <techmetx11@xxxxxxxxxxx>, tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] Re: Using hidden service key with TLS client authentication
From: Jeremy Rand via tor-dev <tor-dev@xxxxxxxxxxxxxxxxxxxx>
Date: Mon, 8 Jun 2026 22:04:00 +0000
In-reply-to: <0d813ae6-93ff-482b-9b07-641e30d71ef4@disroot.org>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
References: <0d813ae6-93ff-482b-9b07-641e30d71ef4@disroot.org>
Reply-to: Jeremy Rand <jeremyrand@xxxxxxxxxx>
User-agent: Mozilla Thunderbird

techmetx11 via tor-dev:

Hi tor-dev mailing list,
Is there a way to capsulate a Tor hidden service Ed25519 private keyinside a TLS EE certificate and use it in TLS?
I wanted to use this specifically for XMPP's server-to-server TLSconnections, which uses mTLS to prove if the client connecting is whothey say they are. Currently with XMPP Tor server-to-server connections,we have to use dialback (telling the server to connect back to theclient to authenticate its identity, https://xmpp.org/extensions/xep-0220.html) to prove it, which is a legacy and insecure form ofserver-to-server authentication
If this is possible, then it would get rid of a reason to keep dialbackaround and less roundtrip for the server authentication.
Kind regards,

techmetx11

Hi!

Possible via PKCS#11 (basically the same logic as for TLS server certs),though I haven't written the TLS CCA code paths for that yet. However,probably not desirable in the way that you want. In some setups (e.g.Whonix), the application and the Tor daemon are in different trustdomains. If you *replace* the onion dialback authentication with TLSCCA, then anyone who compromises the application can bypass theauthentication. Of course, with your current scheme, anyone whocompromises the Tor daemon can bypass the authentication. The mostsecure scheme is probably to do both TLS *and* onion auth, in bothdirections; that way an attacker would have to compromise both theapplication and the Tor daemon in order to bypass auth.


Cheers,
--
-Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmobile@xxxxxxxxxx
Mobile OpenPGP: 2158 0643 C13B B40F B0FD 5854 B007 A32D AB44 3D9C
Send non-security-critical things to my Mobile with OpenPGP.
Please don't send me unencrypted messages.

My business email jeremy@xxxxxxxxxxx is having technical issues at themoment.

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list -- tor-dev@xxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to tor-dev-leave@xxxxxxxxxxxxxxxxxxxx

References:
- [tor-dev] Using hidden service key with TLS client authentication
  - From: techmetx11 via tor-dev

Next by Author: [tor-dev] Using hidden service key with TLS client authentication
Previous by thread: [tor-dev] Using hidden service key with TLS client authentication
Index(es):
- Author
- Thread