
Re: [tor-talk] Neal Krawetz's abcission proposal, and Tor's reputation



On 30 August 2017 at 19:18, Roger Dingledine <arma@xxxxxxx> wrote:
> On Wed, Aug 30, 2017 at 03:07:37PM +0100, Ben Tasker wrote:
>> So his suggestion is portrayed as not sacrificing much, but actually
>> sacrifices quite a lot.
>
> This is a really important point. Thinking of onion space right now as
> the sum total of all that it can be is cutting off all of the future
> innovation.

That's a very good way of putting it. Thanks Roger.


> I think finding ways to tie onion addresses to normal ("insecure web")
> domains, when a service has both, is really important too. I'd like to
> live in a world where Let's Encrypt gives you an onion altname in your
> https cert by default, and spins up a Tor client by default to let users
> reach your webserver using whichever level of security they prefer.

Doesn't that risk adding insecurity? If I trust a less secure channel
to authenticate the hidden service, then impersonating the hidden
service may become easier by providing a weaker point of attack, no?
It's not like there's a shortage of demos of people getting
LetsEncrypt (and other CA) certs they shouldn't.

-J
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk