Delivery-Date: Fri, 02 Jan 2015 01:35:29 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id DF8C51E0A28
	for <archiver@seul.org>; Fri,  2 Jan 2015 01:35:27 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 9400B32572;
	Fri,  2 Jan 2015 06:35:24 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id DB7FE32550
 for <tor-talk@lists.torproject.org>; Fri,  2 Jan 2015 06:35:20 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id a0mNBgrnPWN7 for <tor-talk@lists.torproject.org>;
 Fri,  2 Jan 2015 06:35:20 +0000 (UTC)
Received: from mail.jama.is
 (HSI-KBW-46-237-226-179.hsi.kabel-badenwuerttemberg.de [46.237.226.179])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id A54CE3254E
 for <tor-talk@lists.torproject.org>; Fri,  2 Jan 2015 06:35:20 +0000 (UTC)
Received: from slamaq2.localnet
 (HSI-KBW-46-237-226-179.hsi.kabel-badenwuerttemberg.de [46.237.226.179])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.jama.is (Postfix) with ESMTPSA id 16961158041
 for <tor-talk@lists.torproject.org>; Fri,  2 Jan 2015 07:35:15 +0100 (CET)
From: tor-admin@torland.me
To: tor-talk@lists.torproject.org
Date: Fri, 02 Jan 2015 07:35:12 +0100
Message-ID: <2151805.rLCLD8kITy@slamaq2>
In-Reply-To: <54A63A1A.50307@riseup.net>
References: <54A4A69B.4020803@riseup.net> <54A62DB2.5010806@metaverse.org>
 <54A63A1A.50307@riseup.net>
MIME-Version: 1.0
Subject: Re: [tor-talk] Giving Hidden Services some love
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Friday 02 January 2015 06:26:34 Thomas White wrote:
> Re: setting up a CA. I done some research on this a while ago after
> bouncing the idea around on IRC and the problem is the legal side of
> things. It will be difficult for Mozilla to accept a CA who would only
> sign for .onion certificates (there is no policy in place but it seems
> the easiest route rather than applying for a full spectrum CA root
> cert include). Even if any of the certificates are granted for that
> org to become a CA you have considerations such as insurance (which I
> do believe is a requirement). I mean it is certainly possible, but it
> would require a huge amount of co-ordinated effort, a contact within
> Mozilla, the proper technical and legal infrastructure etc. I am more
> than happy to advise on such things with what research I have already
> done, but right now I think petitioning the existing CA's who have
> policy influence may be a better route.

How about "Let's encrypt"? Are they willing to sign .onion?

Regards,

torland

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

