[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Finally a Cloudflare captchas workaround thanks to next-gen onion services?



On 23 February 2017 at 08:32, grarpamp <grarpamp@xxxxxxxxx> wrote:

> Being tired at the moment to say these numbers correct,
> practically speaking, cloudflare's excuse seems a bit invalid.
>

To be fair, it's not Cloudflare's excuse, it's the entire CA/Browser Forum
Industry.

The security community has been caught before by "merely hypothetical"
exploits suddenly appearing in the wild - TCP Sequence Number Prediction
springs to mind - so now the rule is "SHA-1 is bad", it's just been purged
from the certificate world in general, and they'll be damned if they're
gonna let it back in anywhere else.

    -a

-- 
http://dropsafe.crypticide.com/aboutalecm
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk