Delivery-Date: Thu, 21 Jan 2016 12:48:34 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 6E9EF1E068E;
	Thu, 21 Jan 2016 12:48:32 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 703F939593;
	Thu, 21 Jan 2016 17:48:27 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 85C8239513;
 Thu, 21 Jan 2016 17:48:23 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id G0GmS-TGrJB7; Thu, 21 Jan 2016 17:48:23 +0000 (UTC)
Received: from mail-qg0-x22b.google.com (mail-qg0-x22b.google.com
 [IPv6:2607:f8b0:400d:c04::22b])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 5F1D83942F;
 Thu, 21 Jan 2016 17:48:23 +0000 (UTC)
Received: by mail-qg0-x22b.google.com with SMTP id o11so37654946qge.2;
 Thu, 21 Jan 2016 09:48:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=P7h6gTjxijzxSjvP978T1f/+DYWVVS3MGkOjI2MxbF8=;
 b=VKHKZBdtKgB5gXGOUwdzZ3ADYbbuCoMfptwQJt9Lhg+zMi726OdHjBF85/ttA5OOzv
 T10xKrtZfPt+aPn+bmTCszKaQIdqHTOWSz+U+GLcK/fgmj8Ryeusdsr4DTGCpSxnHhBu
 gT+FmolZru1sy1+r4v6vprQnGTJm28nvPDg9m6TmdCWz5VsQilxZ07S8SoONP22gXjnw
 sg/S2DWzWLSfbZALJCvGcO8/5Nh4CN1YdexqgvMEPYIUTzN3i8A8w1F1H2u9m/FDWf7J
 ldBum/RKNzVEmYkcmwzs3hYSOxZQUhrhytk9Q6QonoEGXgnVksG+xoMsbRf/Od+DoJU6
 R1zQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:in-reply-to:references:date
 :message-id:subject:from:to:cc:content-type;
 bh=P7h6gTjxijzxSjvP978T1f/+DYWVVS3MGkOjI2MxbF8=;
 b=BUEq4MTD0MiaJ96awPMahptnSAGncrSneNrqfHEtMaebV1bhwAlVIcwkIt0PzG32E3
 cKVhsKk7aJoN9ldEa3oBrolRMH7YpFtXH+RYqPOIYpTjYJqwLMc3MsHQ6NnUQAGMJLzF
 UFFSulxyibnYzqyFJCu0/EeIxmEvHi9zbfi0gIzipdVpkjkShwHQx7OzppMPUlznyXb2
 4qlR8T/nDzNzInHrr57zAhGY0uQSLO+adOKfZnCNAsfyKfZKEgSdTzWjIhION1wdlXxp
 uZuCjJ6+GwgwtQoCOo9dpo9MwE+n3P7OpNN75jvLNqXHrfXPjeIDMcPpfRvhrjxfC9/U
 7xKQ==
X-Gm-Message-State: ALoCoQlw2iZI3JuzQjVIzJAHxljojgCyM93njplvRayejZYFCE0TYX5D4k3OXP69/7HOZl5k+y3TuQW53C1PfKrour1f2y390Q==
MIME-Version: 1.0
X-Received: by 10.140.227.199 with SMTP id x190mr56806930qhb.46.1453398500966; 
 Thu, 21 Jan 2016 09:48:20 -0800 (PST)
Received: by 10.55.175.129 with HTTP; Thu, 21 Jan 2016 09:48:20 -0800 (PST)
In-Reply-To: <CADop2NFa6XDdcgrtz4W3rEzTpOk5YJNyEpS6Le7GA=DVLbOTMA@mail.gmail.com>
References: <CADop2NFa6XDdcgrtz4W3rEzTpOk5YJNyEpS6Le7GA=DVLbOTMA@mail.gmail.com>
Date: Thu, 21 Jan 2016 17:48:20 +0000
Message-ID: <CAMtFrUFPKLoa+jz17Kadno-pgqd_Vc+w_vvr5EB8GAOVr_gPWg@mail.gmail.com>
From: "Runa A. Sandvik" <runa.sandvik@gmail.com>
To: Virgil Griffith <i@virgil.gr>
Cc: "tor-talk@lists.torproject.org" <tor-talk@lists.torproject.org>,
 "tor-assistants@lists.torproject.org" <tor-assistants@lists.torproject.org>
Subject: Re: [tor-talk] [tor-assistants] Fwd: can you do an EV certificate
	for a .onion domain?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Thu, Jan 21, 2016 at 5:45 PM, Virgil Griffith <i@virgil.gr> wrote:
> Fun fact.  https://certsimple.com now supports doing Extended
> Validation TLS certificates for .onion.  You can even get wildcard
> certs, ooooooo! so fancy!
>
> For some hidden service operators struggling with people cloning your
> site this can be a solution.  A little surprised that
> facebookcorewwwi.onion isn't already doing this.  At the very least
> this seems like a fine thing for users of the upcoming
> single-onion-services.

Facebook has had a wildcard EV cert for its .onion site for over a
year now (thanks to DigiCert).

-- 
Runa A. Sandvik
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

