[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Of CA-signed certs and .onion URIs



On Wed, Nov 19, 2014 at 1:05 AM, Tom Ritter <tom@xxxxxxxxx> wrote:
> At that point, they can tell me whatever they want

Some of them will ;)

> So I'm not sure I understand the attacks you're talking about.

> this .onion SSL bypass stuff into little-t tor, I'm talking about
> making it a Tor Browser Extension - if that crossed our wires.

Cert infrastructures can make linkphisher proxies harder and
gives options to users and operators as well as an actual layer
of traditional browser to webserver crypto. Disabling warnings
there for all of .onion doesn't. And certainly disabling them for
pinned certs and CA's wouldn't.

As before, extending TBB to skip warnings for HS pubkey signed
certs of respective single onions seems fine.

> It's
> true that if, on the relay hosting the HS, you forwarded it to another
> machine and that connection was attacked (between your webserver and
> your HS relay) - the connection would be insecure.

Your webserver can/should enforce TLS for that connection regardless
if it's on localhost or the other side of the planet via clearnet or
some other transport.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev