[cabfpub] .onion proposal

Tom Ritter tom at ritter.vg
Wed Dec 3 02:54:23 UTC 2014

Thanks Jeremy! I'm working with Tor to try and advance this effort on
a few different technical and policy fronts, and I think this is a
good path forward.

On 1 December 2014 at 18:18, Jeremy Rowley <jeremy.rowley at digicert.com> wrote:
> b.      The CA MAY verify the Applicant's control over the .onion service by
> signing a Certificate Request using the .onion public key if (i) the
> signature contains a random value chosen by the CA that prevents a
> fraudulent applicant from obtaining the signed statement within the
> signature { }  and (ii) the signature contains a random value
> chosen by the Applicant that prevents the CA from choosing the entire
> contents of the signed statement { }.  Each
> nonce/counter-nonce MUST have at least 64-bits of entropy and MUST be
> presented as an OCTET STRING in the appropriate extension (specified above)
> in the Attributes section of the certificationRequestInfo.

I've started a thread on tor-dev that discusses ways to safely do
this: https://lists.torproject.org/pipermail/tor-dev/2014-November/007853.html
(and https://lists.torproject.org/pipermail/tor-dev/2014-December/007901.html
).  I need to update the specification I sent in the first email with
Nick and Ian's thoughts in the second link - but the effort to define
a safe way to do this (because of the key reusage Ryan brought up) is


More information about the Public mailing list