Delivery-Date: Thu, 31 Dec 2015 11:46:49 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 711BE1E0668;
	Thu, 31 Dec 2015 11:46:47 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 473FC26B53;
	Thu, 31 Dec 2015 16:46:42 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 409B521EF3
 for <tor-talk@lists.torproject.org>; Thu, 31 Dec 2015 16:46:38 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Z744g6hjYPdj for <tor-talk@lists.torproject.org>;
 Thu, 31 Dec 2015 16:46:38 +0000 (UTC)
Received: from mail2.eff.org (mail2.eff.org [173.239.79.204])
 (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 1ADCE21D1E
 for <tor-talk@lists.torproject.org>; Thu, 31 Dec 2015 16:46:38 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eff.org;
 s=mail2; 
 h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date;
 bh=C/bXEQ1YdpULrwZSirCoFGOsnSUL+j2j+eodbZTmTLU=; 
 b=aAqTW+njFZaYbC76igaxSf3hQ0sgZ2T9jYhayaMuMU6SrN8nlaaODHIobRy2nk5IpbUgUyY/I1zen7vaM9TMJnWDcch2aTUgyP5pWKrpwsJqFjlB2kfL7trCcshNXv7y3GhbaCHGTNDGtU1/H+IhHJu6Gd+8UMEyHvO9XFR2r+c=;
Received: ; Thu, 31 Dec 2015 08:46:35 -0800
Date: Thu, 31 Dec 2015 08:46:35 -0800
From: Seth David Schoen <schoen@eff.org>
To: tor-talk@lists.torproject.org
Message-ID: <20151231164635.GH27095@mail2.eff.org>
References: <34e1536b62d7b9ce1ba867f0fa59c8@cweb20.nm.nhnsystem.com>
 <1705812.7vP645ThCe@home> <n62t6i$c5o$1@ger.gmane.org>
 <4487129.Pq0bu5ingc@home> <20151231140606.GG27095@mail2.eff.org>
 <CAL3oi7avQ+00cVFWBBqZzQoDqrXheiV4sQX+x8-toy4-QexLog@mail.gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <CAL3oi7avQ+00cVFWBBqZzQoDqrXheiV4sQX+x8-toy4-QexLog@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [tor-talk] Hello I have a few question about tor network
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Alexandre Guillioud writes:

> " That's definitely an improvement, although there's an issue in the long
> run that the crypto in HTTPS is getting better faster than the crypto
> in Tor's hidden services implementation. :-) "
> 
> I don't understand why you are saying that this is an 'issue'.
> If one of the crypto tech is getting better, the tor stack will be improved
> in its whole, isn't it ?

It's also a question of practical deployment: it should be improved
eventually with new Tor protocol versions, but I don't believe that it
has been yet (although I'd love for the Tor developers to correct me on
this point).

> Moreover, i've read that some 'ssl authoritie' is now allowing registration
> of .onion domains.

Yes, Digicert is offering them.

https://blog.digicert.com/ordering-a-onion-certificate-from-digicert/

But as you can see from their page, they only offer EV certificates,
which involve verifying the legal identity of an organization.  So the
certificates aren't available for onion sites that are operated by
individuals or that are operated by anonymous people or organizations.
Right now, probably most onion sites wouldn't be able to get a certificate
for their sites because of these restrictions.  (I'm grateful to Digicert
for their work on this -- the restrictions aren't their fault!)

-- 
Seth Schoen  <schoen@eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

