Delivery-Date: Mon, 05 Jan 2015 14:50:20 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 43B9C1E03B6
	for <archiver@seul.org>; Mon,  5 Jan 2015 14:50:19 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 00F4732A62;
	Mon,  5 Jan 2015 19:50:16 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id CABEF32A5D
 for <tor-talk@lists.torproject.org>; Mon,  5 Jan 2015 19:50:13 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id go7X31Xt1x8D for <tor-talk@lists.torproject.org>;
 Mon,  5 Jan 2015 19:50:13 +0000 (UTC)
Received: from epistle.puckey.org (epistle.puckey.org [93.95.228.85])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 8B206329C9
 for <tor-talk@lists.torproject.org>; Mon,  5 Jan 2015 19:50:13 +0000 (UTC)
Received: from localhost (unknown [77.95.229.20])
 (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by epistle.puckey.org (Postfix) with ESMTPSA id 34B8D1006F3
 for <tor-talk@lists.torproject.org>; Mon,  5 Jan 2015 19:50:08 +0000 (GMT)
Date: Mon, 5 Jan 2015 19:50:01 +0000
From: Matthew Puckey <matt@puckey.org>
To: tor-talk@lists.torproject.org
Message-ID: <20150105195001.5ac4863b@puckey.org>
In-Reply-To: <54A9B125.6000400@jbcrawford.us>
References: <54A4A69B.4020803@riseup.net>
 <20150101132852.73822cef@localhost.localdomain>
 <54A4C6BF.3040207@riseup.net>
 <20150101143551.00c64c7e@localhost.localdomain>
 <218CCDA8-6BB7-4C1C-B806-A1CEAB42A1C0@riseup.net>
 <20150101170451.33e950e6@localhost.localdomain>
 <54A59E83.1080300@riseup.net>
 <20150102104622.3e5fb008@localhost.localdomain>
 <0BE4AC7A-4DA6-4F56-8B88-9C2B93E9FC7A@riseup.net>
 <CADop2NEx22J2qGspApv588uC8o32OmS8zzV5yyek_UxtMxZGiw@mail.gmail.com>
 <CAJaLD9+M8EErJ11LRGQYrYLOf+9+8dQL6RawC+3UY-ojLd=sWQ@mail.gmail.com>
 <54A607EB.1020505@riseup.net>
 <CADop2NE5tY_97XdYY=UWfd_xvbByPqd95LW4Z8G4Q+m44n-YZQ@mail.gmail.com>
 <54A72481.5020108@torservers.net> <54A72877.6090900@veloc1ty.de>
 <54A72FFA.7090305@sky-ip.org> <54A74EBD.5070407@jbcrawford.us>
 <20150103132326.04b88929@puckey.org>
 <54A8C4A6.3090804@jbcrawford.us> <54A917E2.3010502@metaverse.org>
 <54A9B125.6000400@jbcrawford.us>
X-Mailer: Claws Mail 3.8.1 (GTK+ 2.24.10; i486-pc-linux-gnu)
Mime-Version: 1.0
Subject: Re: [tor-talk] Giving Hidden Services some love
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Sun, 04 Jan 2015 13:31:17 -0800
"Jesse B. Crawford" <jesse@jbcrawford.us> wrote:

> On 2015-01-04 02:37, Peter Tonoli wrote:
> > EV certificates don't fix any problem. The validation of a 'legal
> > entity' is purely due to an agreed policy. A rogue, compromised, or
> > alternate CA could release certificates with EV fields that don't
> > 'rigorously' validate the organisation that applies for the
> > certificate.
> 
> I am assuming here that users trust CAs - I think a fair assumption
> for practical purposes since this is the foundation of the current
> open-internet system. 

I'm not sure that is a fair assumption; Comodo for example. Purely
because today a lot of secure communication relies on CAs, I don't
think is a reason to continue along the same path and not look into
alternatives.

> Fixing the problem in a general way is a much
> more ambitious goal than just extending this assurance to Tor.

I 100% agree the CA issue is a much bigger one than this conversation,
but the situations *are* different.

Saying that, I do understand the "architectural
considerations" (-Facebook) that some large companies might have.

-- 
Matthew Puckey
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

