[cabfpub] .onion proposal

Brian Smith brian at briansmith.org
Wed Nov 19 20:26:26 UTC 2014

Gervase Markham <gerv at mozilla.org> wrote:
> I'm in support of this in principle. There are two issues with 'normal'
> internal server names:
> 1) It's not possible to prove exclusive ownership of them (because they
>    aren't exclusively owned);


> For .onion names, problem 1) does not apply.

That is only true assuming you can rely on the second-preimage
resistance of truncated SHA-1, like Ryan pointed out. I think his
point is that the second-preimage resistance of truncated SHA-1 is not
strong enough to make claims like this. (Ryan: Sorry if I'm
misunderstanding you. Corrections appreciated.) I think that concern
should be addressed. This is one reason I suggested to limit the
maximum lifetime of .onion certificates.


More information about the Public mailing list