[cabfpub] .onion proposal

Brian Smith brian at briansmith.org
Wed Nov 19 13:26:26 MST 2014


Gervase Markham <gerv at mozilla.org> wrote:
> I'm in support of this in principle. There are two issues with 'normal'
> internal server names:
>
> 1) It's not possible to prove exclusive ownership of them (because they
>    aren't exclusively owned);

<snip>

> For .onion names, problem 1) does not apply.

That is only true assuming you can rely on the second-preimage
resistance of truncated SHA-1, like Ryan pointed out. I think his
point is that the second-preimage resistance of truncated SHA-1 is not
strong enough to make claims like this. (Ryan: Sorry if I'm
misunderstanding you. Corrections appreciated.) I think that concern
should be addressed. This is one reason I suggested to limit the
maximum lifetime of .onion certificates.

Cheers,
Brian


More information about the Public mailing list