Hello, As required by CABForum guidelines, CAs must include the hash of an ASN.1 SubjectPublicKey of the .onion service. For example, https://crt.sh/?id=3526088262 shows the SHA256 of the public key of archivev3qli37bju4rlh27glh24lljyezwxf4pokmrdbpefjlcrp5id.onion is 08afa9604f4cd74a1a867f3ffcf61faacdb19785a9d4c378f72a54503f73dd65
Since this a v3 address, it is not difficult to extract the public key from .onion domain. Below is the hexdump of hs_ed25519_public_key 3d 3d 20 65 64 32 35 35 31 39 76 31 2d 70 75 62 6c 69 63 3a 20 74 79 70 65 30 20 3d 3d 00 00 00 04 44 74 54 95 dc 16 8d fc 29 a7 22 b3 eb e6 59 f5 c5 ad 38 26 6d 72 f1 ee 53 22 30 bc 85 4a c5 So the public key (32 bytes long) is just the last two lines of the hexdump, and we can generate the public_key.pem from it, which is -----BEGIN PUBLIC KEY----- MCowBQYDK2VwAyEABER0VJXcFo38Kacis+vmWfXFrTgmbXLx7lMiMLyFSsU= -----END PUBLIC KEY----- We can also convert it to DER ($ openssl pkey -pubin -outform DER -out public_key.der), and here comes the problem: I tried to hash the DER file, and I got 141dcca6fea50f1c9f12c7150ca157a8e6e7bf7e79a6eb6f592a6235ab57ce23, which is different from what I see in DigiCert's certificate. Any ideas why this happened? Also, since the support of v2 .onion address will be removed from the Tor code base on July 15th, 2021 and v3 .onion address contains the full public key, I think it is meaningless to have 2.23.140.1.31 extension after that. Best, Xia _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
