
Re: [tor-talk] Giving Hidden Services some love



On 2015-01-04 02:37, Peter Tonoli wrote:
> EV certificates don't fix any problem. The validation of a 'legal
> entity' is purely due to an agreed policy. A rogue, compromised, or
> alternate CA could release certificates with EV fields that don't
> 'rigorously' validate the organisation that applies for the certificate.

I am assuming here that users trust CAs - I think a fair assumption for
practical purposes since this is the foundation of the current
open-internet system. Fixing the problem in a general way is a much more
ambitious goal than just extending this assurance to Tor.

> Which contradicts with the point of hidden services in the first place,
> that neither party knows the other's identity [1].
> 
> [1] https://www.torproject.org/docs/hidden-services.html.en

Yet organizations like Facebook, DuckDuckGo, and others that do not
intend to remain anonymous operate hidden services. Clearly there are
use cases where anonymity is not a requirement and is even undesirable.
These are probably a minority, I agree, making this a small issue in the
grand scheme of things. Just one I thought worth explaining since SSL
came up.

jc
--
Jesse B. Crawford
Student, Information Technology
New Mexico Inst. of Mining & Technology

https://jbcrawford.us // jesse@xxxxxxxxxxxxx
https://cs.nmt.edu/~jcrawford // jcrawford@xxxxxxxxxx