For what use exactly? ie why people should want a TLS certificate for a .onion, which by definition is something not tied to an official "domain", like anything that has no other choice than using self-signed certificates?
Something can be done to verify that someone owns the .onion "domain" and probably we should study this (for letsencrypt for example) and get rid of this notion of "domain" which is obsolete, please take a look at this thread http://lists.w3.org/Archives/Public/public-webapps/2015OctDec/0205.html (follow the previous posts if you have time, this addresses the very same problematic, including letsencrypt), still not convincingly answered (despite of the fact that the W3C obviously does not follow its security policy for WebRTC), since people there seem to find a kind of funny the Tor protocol but, happier for the planet, succeeded to secure it with a fb .onion certificate. Le 15/12/2015 17:09, Fabio Pietrosanti (naif) - lists a écrit : > Hello, > > we asked on Twitter to Digicert to provide a quick guide on how order an > x509v3 certificate for TLS for a .onion, they've just published this > small guide: > https://blog.digicert.com/ordering-a-onion-certificate-from-digicert/ > > Hopefully other CA will follow and at a certain point letsencrypt too. > -- Get the torrent dynamic blocklist: http://peersm.com/getblocklist Check the 10 M passwords list: http://peersm.com/findmyass Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org Peersm : http://www.peersm.com torrent-live: https://github.com/Ayms/torrent-live node-Tor : https://www.github.com/Ayms/node-Tor GitHub : https://www.github.com/Ayms -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
