[cabfpub] .onion proposal
sleevi at google.com
Wed Nov 19 13:44:44 MST 2014
On Wed, Nov 19, 2014 at 12:36 PM, Jeremy Rowley <jeremy.rowley at digicert.com>
> How do you address this concern other than by modifying the way the onion
> names are assigned? I guess either not permit conflicting services by only
> routing to the service with the oldest identified service (instead of
> evicting the old service) or having Tor move to a SHA-2 hash. I know Tor
> is looking at the issue and will likely have more insight they can share.
> While a solution is in flux, the Forum should still have validation rules
> in place for onion that last until 2016 (the revocation date of all
> internal names) so that current certs undergo a set process for issuance
> rather than issue as internal names.
You mean 1 November 2015. That's been the date that no BR-conforming CA is
allowed to set the expiration date past. (9.2.1 of BR 1.2.2)
PROPOSAL: Effectively immediately, CAs MUST NOT issue certificates for the
.onion TLD and MUST revoke all certificates issued for the .onion TLD
Then we work out a proposal to set up rules for validating .onion names,
which may or may not be blocked on Tor work at the protocol or browser
level, and also work - with the broader Tor community - to see if there is
any interim steps that can be accepted.
> -----Original Message-----
> From: Brian Smith [mailto:brian at briansmith.org]
> Sent: Wednesday, November 19, 2014 1:26 PM
> To: Gervase Markham
> Cc: Jeremy Rowley; public at cabforum.org
> Subject: Re: [cabfpub] .onion proposal
> Gervase Markham <gerv at mozilla.org> wrote:
> > I'm in support of this in principle. There are two issues with 'normal'
> > internal server names:
> > 1) It's not possible to prove exclusive ownership of them (because they
> > aren't exclusively owned);
> > For .onion names, problem 1) does not apply.
> That is only true assuming you can rely on the second-preimage resistance
> of truncated SHA-1, like Ryan pointed out. I think his point is that the
> second-preimage resistance of truncated SHA-1 is not strong enough to make
> claims like this. (Ryan: Sorry if I'm misunderstanding you. Corrections
> appreciated.) I think that concern should be addressed. This is one reason
> I suggested to limit the maximum lifetime of .onion certificates.
> Public mailing list
> Public at cabforum.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public