Delivery-Date: Wed, 03 Dec 2014 13:22:39 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 7FE451E02C3;
	Wed,  3 Dec 2014 13:22:38 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id B692B31A98;
	Wed,  3 Dec 2014 18:22:32 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 0DEBC31A74
 for <tor-talk@lists.torproject.org>; Wed,  3 Dec 2014 18:22:29 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id qKOJK_su21Lc for <tor-talk@lists.torproject.org>;
 Wed,  3 Dec 2014 18:22:28 +0000 (UTC)
Received: from mail-ig0-x233.google.com (mail-ig0-x233.google.com
 [IPv6:2607:f8b0:4001:c05::233])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id DD6122E9A2
 for <tor-talk@lists.torproject.org>; Wed,  3 Dec 2014 18:22:28 +0000 (UTC)
Received: by mail-ig0-f179.google.com with SMTP id r2so13238060igi.12
 for <tor-talk@lists.torproject.org>; Wed, 03 Dec 2014 10:22:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=LVrwalwEeiX8aUEdS234czoSnQGP+t9997ve9t2rjho=;
 b=STCWkJJRsesbFWbUxukVlqpbd1sXQej+aji9dw+7ZhlfyDN/33mB7NY7zVIAdNF5Pj
 pjSVB7fhlrnS+MnmlbdQWyTJ5fDwkkQ7sEJQ7ZMPCMALku2UO9HrDsnBdOQRPrQtdJJv
 jYOBABttR/o0VDsZrFkgxEVtmRXRrHKuQR3/Et1wnHxQXEuNt6+ipCr7PW3BmO5+O1Cu
 betczbtj+uYEtWW2A0HOCnwla8RUKZjAih5skr65dJbpuyeXMTMEm6uP04BmUV0Gwohg
 gsHW0he681tbdv4n/uSVNAZmDCJ7MLggk/O5za6TFopfUykdWfoaQ7bdpcQ/5SGc40yi
 r7YQ==
MIME-Version: 1.0
X-Received: by 10.50.136.135 with SMTP id qa7mr9768744igb.32.1417630946650;
 Wed, 03 Dec 2014 10:22:26 -0800 (PST)
Received: by 10.107.15.79 with HTTP; Wed, 3 Dec 2014 10:22:26 -0800 (PST)
In-Reply-To: <CAMtFrUE2zD18TJjy92mFsWrn8amPU+gPUsYiuQ4br5Ay+UQk5A@mail.gmail.com>
References: <CAM95LegZfCiDnOSB=h9SQ8Ch5gy32n79eVrG9HO_Ju21Ph9tJQ@mail.gmail.com>
 <CAMtFrUE2zD18TJjy92mFsWrn8amPU+gPUsYiuQ4br5Ay+UQk5A@mail.gmail.com>
Date: Thu, 4 Dec 2014 05:22:26 +1100
Message-ID: <CAM95LegYWCY1xW9ai9e0TiRsnPvgLpXBBM9F0UeVV+ACFBMN8Q@mail.gmail.com>
From: Nik Cubrilovic <nikcub@gmail.com>
To: "tor-talk@lists.torproject.org" <tor-talk@lists.torproject.org>
Subject: Re: [tor-talk] Blockchain.info Tor Hidden Service + Signed
	Certificate
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Thu, Dec 4, 2014 at 4:55 AM, Runa A. Sandvik <runa.sandvik@gmail.com> wrote:
>
> Can you elaborate on why Blockchain wanted an SSL certificate on its
> .onion site?
>

A few reasons:

1. When they announced the first hidden site on Saturday which was
plain HTTP[0] there was a clone up within an hour and despite the
official blockchain twitter and reddit accounts linking to the onion
others spammed the clone link(s) which lead users asking to what is
real/not[1]

2. User expectation - thinking a "legitimate" hidden service should
have a signed and valid certificate [2]

3. The users who were MITM'd on exit nodes weren't noticing they were
being ssl stripped, so the chances of getting them into a usage
pattern of checking a 16 character onion address felt slim -
especially when clones can match the first 10 characters and there is
no browser failure mode for not checking the address

4. To defend against the attack type where an attacker creates a clone
onion with close-enough matching address and then MITM exit nodes
where they s/<legitimate hostname>/<clone hostname> in all pages the
user visits.

enforced HTTPS everywhere, including onion sites, solves a lot of
problems and keeps user advice consistent. HTTPS and signed
certificates doesn't have to mean paying a CA - i'd like to see TB
distribute a root for a voluntary onion-oriented CA.

[0] http://blockchatvqztbll.onion

[1] http://www.reddit.com/r/Bitcoin/comments/2npw4p/blockchaininfo_has_an_onion_url_now_or_is_this_a/cmfry83
(spam link deleted and removed by mods)

[2] https://twitter.com/sylvandb/status/538724877344468992
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

