[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] General question regarding tor, ssl and .onion.
-----BEGIN PGP SIGNED MESSAGE-----
On 08/07/2015 10:16 PM, Seth David Schoen wrote:
> MaQ writes:
>> I'm curious, I'm developing an app whereas sharing/collaboration
>> can be done by localhost through tor and .onion address between
>> pairs or multiples. When I use standard http there seems to not
>> be any problems connecting different computers, different IPs,
>> etc. and interacting, but when attempting to do it under https
>> there isn't any connection. Https is definitely functioning with
>> original hosts.
>> My question is, since things are already going through tor with
>> .onion connections and things encrypted anyway, is not using ssl
>> really presenting any sort of serious compromise on anonymity?
>> Wouldn't it be sort of like encrypting the encryption?
> There is an ongoing discussion about how seriously one needs HTTPS
> with a .onion address. There is already end-to-end encryption
> built into the Tor hidden service design, so communications with
> hidden services (even using an unencrypted application-layer
> protocol like HTTP) are already encrypted.
> A problem is that the encryption for the current generation of
> hidden services is below-par, technically, in comparison to modern
> HTTPS in browsers -- it uses less modern cryptographic primitives
> and shorter keylengths than would be recommended for HTTPS today.
> This will change eventually with future updates to the hidden
> service protocol, but right now there would be incremental
> cryptographic benefit from connecting to a hidden service via
> HTTPS. But the encryption from HTTPS in this case serves the same
> purpose as the hidden service encryption, so you're indeed
> "encrypting the encryption" when you use it.
> Unfortunately, it's hard to do today because certificate
> authorities are reluctant to issue certs for .onion names; the
> CA/Browser Forum has allowed them to do so temporarily, but only EV
> certificates can be issued, which cost money, take time, and
> sacrifice anonymity of the hidden service operator.
> The best-known example of a hidden service that managed to navigate
> the process successfully is
It's theoretically possible to use naming systems like Namecoin to
specify TLS fingerprints for connections to Tor hidden services, which
would eliminate the need for a CA. I'm hoping to have a proof of
concept of such functionality soon.
- -Jeremy Rand
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to