[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] DoH over non-HTTPS onion v3



Hi,

this is just a short heads-up.

I'm currently tinkering about how we could
improve DNS security and privacy for tor clients. My idea write-up is not done
yet but since the IETF DoH WG [1] is proceeding towards their next steps
I wanted to move now before it might be to late and let you know that I
might ask them if they want to allow non-HTTPS uris in the case of
onion v3 addresses (currently HTTPS is required). This might be handy for TB in the future.
If you have objections let me know.

I also reached out to Seth Schoen and asked him about his
efforts to make onion v3 DV certificates acceptable to the CA/Browser Forum 
(if that is possible then the HTTPS requirement isn't a problem for DoH over onion v3).

regards,
nusenu


[1] https://datatracker.ietf.org/doc/draft-ietf-doh-dns-over-https

-- 
https://mastodon.social/@nusenu
twitter: @nusenu_

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev