[cabfpub] .onion proposal

Jeremy Rowley jeremy.rowley at digicert.com
Mon Dec 8 17:33:04 UTC 2014

Thanks Tom!  Does anyone else have comments? If not, do I have someone willing to endorse?

-----Original Message-----
From: Tom Ritter [mailto:tom at ritter.vg] 
Sent: Tuesday, December 2, 2014 7:54 PM
To: Jeremy Rowley
Cc: public at cabforum.org
Subject: Re: [cabfpub] .onion proposal

Thanks Jeremy! I'm working with Tor to try and advance this effort on a few different technical and policy fronts, and I think this is a good path forward.

On 1 December 2014 at 18:18, Jeremy Rowley <jeremy.rowley at digicert.com> wrote:
> b.      The CA MAY verify the Applicant's control over the .onion service by
> signing a Certificate Request using the .onion public key if (i) the 
> signature contains a random value chosen by the CA that prevents a 
> fraudulent applicant from obtaining the signed statement within the 
> signature { }  and (ii) the signature contains a random 
> value chosen by the Applicant that prevents the CA from choosing the 
> entire contents of the signed statement { }.  Each 
> nonce/counter-nonce MUST have at least 64-bits of entropy and MUST be 
> presented as an OCTET STRING in the appropriate extension (specified 
> above) in the Attributes section of the certificationRequestInfo.

I've started a thread on tor-dev that discusses ways to safely do
this: https://lists.torproject.org/pipermail/tor-dev/2014-November/007853.html
(and https://lists.torproject.org/pipermail/tor-dev/2014-December/007901.html
).  I need to update the specification I sent in the first email with Nick and Ian's thoughts in the second link - but the effort to define a safe way to do this (because of the key reusage Ryan brought up) is underway.


More information about the Public mailing list