[cabfpub] .onion proposal

Jeremy Rowley jeremy.rowley at digicert.com
Wed Nov 19 20:36:34 UTC 2014

How do you address this concern other than by modifying the way the onion names are assigned? I guess either not permit conflicting services by only routing to the service with the oldest identified service (instead of evicting the old service) or having Tor move to a SHA-2 hash.  I know Tor is looking at the issue and will likely have more insight they can share.

While a solution is in flux, the Forum should still have validation rules in place for onion that last until 2016 (the revocation date of all internal names) so that current certs undergo a set process for issuance rather than issue as internal names.


-----Original Message-----
From: Brian Smith [mailto:brian at briansmith.org] 
Sent: Wednesday, November 19, 2014 1:26 PM
To: Gervase Markham
Cc: Jeremy Rowley; public at cabforum.org
Subject: Re: [cabfpub] .onion proposal

Gervase Markham <gerv at mozilla.org> wrote:
> I'm in support of this in principle. There are two issues with 'normal'
> internal server names:
> 1) It's not possible to prove exclusive ownership of them (because they
>    aren't exclusively owned);


> For .onion names, problem 1) does not apply.

That is only true assuming you can rely on the second-preimage resistance of truncated SHA-1, like Ryan pointed out. I think his point is that the second-preimage resistance of truncated SHA-1 is not strong enough to make claims like this. (Ryan: Sorry if I'm misunderstanding you. Corrections appreciated.) I think that concern should be addressed. This is one reason I suggested to limit the maximum lifetime of .onion certificates.


More information about the Public mailing list