[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Let's not keep rehashing the past, it's dead already... (Was: Fishy MegaCorpsArchy)

On Tue, 16 Oct 2018, 09:35 grarpamp, <grarpamp@xxxxxxxxx> wrote:

...vast amounts of deletia...

b) Key material
> 1) Holding onion names hostage in [non] custodial /
> contractual form, whether they give subscribers
> the [offline] crypto keys, or sell / rent / extort them,
> portability, multihoming.

Um; I can only see this being a risk or threat if you imagine that
Cloudflare is assigning abd surfacing permanent "parallel" onion
addresses/names to their customers.

If you do believe that, then you've misapprehended how Alt-Svc works.

Neither clients nor website owners ever see onion addresses; all the onion
addresses are ephemeral and buried at/below the HTTP layer.

2) Security aganst keytheft breach and subsequent
> impersonation of the sites from behind 7 proxies,
> phishing, etc. Compensation for site and user losses.

Ditto; likewise not an issue with Alt-Svc onionification; the mechanism
never surfaces onion keys to the user, and the onions themselves are
short-lived / ephemeral.

- alec
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to