[cabfpub] .onion proposal

Jeremy Rowley jeremy.rowley at digicert.com
Thu Nov 13 00:33:42 UTC 2014

Thanks Geoff - The RFC reserving the name was submitted in Nov of last year.  The current document expired in Sept 2014.  I'll find out where they are at.

-----Original Message-----
From: Geoff Keating [mailto:geoffk at apple.com] 
Sent: Wednesday, November 12, 2014 4:52 PM
To: Jeremy Rowley
Cc: Eddy Nigg; public at cabforum.org
Subject: Re: [cabfpub] .onion proposal

On 12 Nov 2014, at 3:44 pm, Jeremy Rowley <jeremy.rowley at digicert.com> wrote:
> If something comes up that is equally as important, I think we should address the problem in the BRs and consider how to deal with it.  Afterall, we make changes to the guidelines on a regular basis for other reasons.  Dealing with real-world limitations caused by the guidelines is a very good reason for making a change.
> I doubt delegation of .onion by IANA would make anyone happy, especially not Tor and its users. Delegation doesn’t really fit in their plan since the names are created from a key rather than registered with a registry. Although technical solutions may eventually be in place, the CAB Forum can act more quickly than that to show support for Tor and entities using .onion addresses. 

I’d support a motion saying that when .onion is registered (again, not delegated) by IANA, CAs may issue certificates under it.  I think this would adequately show support and could be quoted during the IANA process which might help .onion get approved.

More information about the Public mailing list