<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 19, 2014 at 12:36 PM, Jeremy Rowley <span dir="ltr"><<a href="mailto:jeremy.rowley@digicert.com" target="_blank">jeremy.rowley@digicert.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">How do you address this concern other than by modifying the way the onion names are assigned? I guess either not permit conflicting services by only routing to the service with the oldest identified service (instead of evicting the old service) or having Tor move to a SHA-2 hash. I know Tor is looking at the issue and will likely have more insight they can share.<br>
<br>
While a solution is in flux, the Forum should still have validation rules in place for onion that last until 2016 (the revocation date of all internal names) so that current certs undergo a set process for issuance rather than issue as internal names.<br>
<span class="HOEnZb"><font color="#888888"><br>
Jeremy<br></font></span></blockquote><div><br></div><div>You mean 1 November 2015. That's been the date that no BR-conforming CA is allowed to set the expiration date past. (9.2.1 of BR 1.2.2)</div><div><br></div><div>PROPOSAL: Effectively immediately, CAs MUST NOT issue certificates for the .onion TLD and MUST revoke all certificates issued for the .onion TLD</div><div><br></div><div>Then we work out a proposal to set up rules for validating .onion names, which may or may not be blocked on Tor work at the protocol or browser level, and also work - with the broader Tor community - to see if there is any interim steps that can be accepted.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="HOEnZb"><font color="#888888">
</font></span><span class="im HOEnZb"><br>
-----Original Message-----<br>
From: Brian Smith [mailto:<a href="mailto:brian@briansmith.org">brian@briansmith.org</a>]<br>
</span><span class="im HOEnZb">Sent: Wednesday, November 19, 2014 1:26 PM<br>
To: Gervase Markham<br>
Cc: Jeremy Rowley; <a href="mailto:public@cabforum.org">public@cabforum.org</a><br>
Subject: Re: [cabfpub] .onion proposal<br>
<br>
</span><div class="HOEnZb"><div class="h5">Gervase Markham <<a href="mailto:gerv@mozilla.org">gerv@mozilla.org</a>> wrote:<br>
> I'm in support of this in principle. There are two issues with 'normal'<br>
> internal server names:<br>
><br>
> 1) It's not possible to prove exclusive ownership of them (because they<br>
> aren't exclusively owned);<br>
<br>
<snip><br>
<br>
> For .onion names, problem 1) does not apply.<br>
<br>
That is only true assuming you can rely on the second-preimage resistance of truncated SHA-1, like Ryan pointed out. I think his point is that the second-preimage resistance of truncated SHA-1 is not strong enough to make claims like this. (Ryan: Sorry if I'm misunderstanding you. Corrections appreciated.) I think that concern should be addressed. This is one reason I suggested to limit the maximum lifetime of .onion certificates.<br>
<br>
Cheers,<br>
Brian<br>
_______________________________________________<br>
Public mailing list<br>
<a href="mailto:Public@cabforum.org">Public@cabforum.org</a><br>
<a href="https://cabforum.org/mailman/listinfo/public" target="_blank">https://cabforum.org/mailman/listinfo/public</a><br>
</div></div></blockquote></div><br></div></div>