Alexandre Guillioud writes: > " That's definitely an improvement, although there's an issue in the long > run that the crypto in HTTPS is getting better faster than the crypto > in Tor's hidden services implementation. :-) " > > I don't understand why you are saying that this is an 'issue'. > If one of the crypto tech is getting better, the tor stack will be improved > in its whole, isn't it ?
It's also a question of practical deployment: it should be improved eventually with new Tor protocol versions, but I don't believe that it has been yet (although I'd love for the Tor developers to correct me on this point). > Moreover, i've read that some 'ssl authoritie' is now allowing registration > of .onion domains. Yes, Digicert is offering them. https://blog.digicert.com/ordering-a-onion-certificate-from-digicert/ But as you can see from their page, they only offer EV certificates, which involve verifying the legal identity of an organization. So the certificates aren't available for onion sites that are operated by individuals or that are operated by anonymous people or organizations. Right now, probably most onion sites wouldn't be able to get a certificate for their sites because of these restrictions. (I'm grateful to Digicert for their work on this -- the restrictions aren't their fault!) -- Seth Schoen <sch...@eff.org> Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk