Delivery-Date: Tue, 26 Jan 2016 13:43:05 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD,URIBL_DBL_SPAM autolearn=no version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 8CF821E01A4;
	Tue, 26 Jan 2016 13:43:04 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id A544138DCA;
	Tue, 26 Jan 2016 18:42:59 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id D781E38DC3
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 18:42:56 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id vNfOPtnGTHP6 for <tor-talk@lists.torproject.org>;
 Tue, 26 Jan 2016 18:42:56 +0000 (UTC)
Received: from opayq.com (smtp7.opayq.com [54.243.117.161])
 by eugeni.torproject.org (Postfix) with ESMTP id B13CA38DBD
 for <tor-talk@lists.torproject.org>; Tue, 26 Jan 2016 18:42:56 +0000 (UTC)
X-Greylist: delayed 305 seconds by postgrey-1.34 at eugeni;
 Tue, 26 Jan 2016 18:42:56 UTC
From: a55deaba@opayq.com
To: tor-talk@lists.torproject.org
MIME-Version: 1.0
X-GetAbine-Processed: 1
Received-SPF: pass (spfCheck: domain of _spf.google.com designates
 209.85.223.193 as permitted sender) client-ip=209.85.223.193;
 envelope-from=cody.r.hussey@gmail.com; helo=mail-io0-f193.google.com; 
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:content-type;
 bh=qnTtb1kE+DYrrWVvvENAChe+vcQ+kKTBBoQUaMqZ6n0=;
 b=Xmh/XEojfLHyubp4YVYAIUlZ+U9sQaaHqqVS4Gj23bxDA8DreMFTB3kCdM71ziuxZY
 jRQlk4opV+vJw9zHTBt4QpBldc6V20a6EpMWmpDqMtQCxerFoUFSd2u/4wM8AZN2dttp
 QzIPJi6qwQ92h9Gk0ya/EKP4vl1mSqqOwjKMhq0Y59eKSMbQ4tgGgcC0qnybaYV4a5Uh
 FlZzHnk7EKsfzvDYvXGtEOv+B8O4DClROmdPBZiiHEkirBucJbfpfrXC2my+QgpC05db
 xPpB82HS7zVnLAgKyeEdBWhP4cLvCqftYtAlqGBLoDvKKjKPy1ualGJoqK3MV/UDZZMu
 3MoQ==
X-Gm-Message-State: AG10YORGBEoZ8bKQn1/rxVXFr7P6EYLJk3xFIFQLD9wsQL+Etsq0fGcF3GFnpc5QBtUk5ANLO4NtS0ZLuvFSqg==
X-Received: by 10.107.10.215 with SMTP id 84mr27818048iok.106.1453833453506;
 Tue, 26 Jan 2016 10:37:33 -0800 (PST)
References: <K8zCB59--3-0@tutanota.com>
In-Reply-To: <K8zCB59--3-0@tutanota.com>
Date: Tue, 26 Jan 2016 18:37:24 +0000
Message-ID: <CAG_xf59tGGQgLdH17gff7M8oYU96viXCWMgnnponfrNYr8dqJg@mail.gmail.com>
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] onion routing MITM
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

A CA will not validate a '.onion' address since it's not an official TLD
approved by ICANN. The numbers aren't random. From Wikipedia:

"16-character alpha-semi-numeric hashes which are automatically generated
based on a public key <https://en.wikipedia.org/wiki/Public_key> when a hidden
service
<https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Hidden_services> is
configured. These 16-character hashes can be made up of any letter of the
alphabet, and decimal digits from 2 to 7, thus representing an 80-bit
number in base32 <https://en.wikipedia.org/wiki/Base32>. It is possible to
set up a human-readable .onion URL (e.g. starting with an organization
name) by generating massive numbers of key pairs
<https://en.wikipedia.org/wiki/Public-key_cryptography> (a computational
process that can be parallelized
<https://en.wikipedia.org/wiki/Parallelized>) until a sufficiently
desirable URL is found."[2]
<https://en.wikipedia.org/wiki/.onion#cite_note-scallion-2>[3]
<https://en.wikipedia.org/wiki/.onion#cite_note-facebook_url-3>"

Cheers,
yodablue

On Tue, Jan 26, 2016 at 1:32 PM lists.torproject.org [Masked]
<FWD-737QLY3MGNAYSQFGAHIDLIAC2AJOAZ4BKBNCRYADXAICEWBKGA4GYNTQE4MCKZVAFMRQA3BHMAEPUEBAAAQA====@
opayq.com> wrote:

>
> --------------------------Blur (formerly
> DoNotTrackMe)---------------------------
> 
> -------------------------By Abine--------------------------
>
>
> I'm new to tor, trying to understand some stuff.
>
> I understand the .onion TLD is not an officially recognized TLD, so it's
> not
> resolved by normal DNS servers. The FAQ seems to say that tor itself
> resolves
> these, not to an IP address, but to a hidden site somehow.
>
> When I look at thehiddenwiki.org, I see a bunch of .onion sites, with
> random
> looking names. Why is this? What if someone at thehiddenwiki.org
> registered a
> new .onion site (for example http://somerandomletters.onion), which then
> relayed traffic to duck-duck-go (http://3g2upl4pq6kufc4m.onion)?
> Thehiddenwiki could give me the link http://somerandomletters.org, and of
> course I would never know the difference between that and
> http://3g2upl4pq6kufc4m.onion
>
> Without trusting a CA to validate a site name, what prevents MITM attacks?
> Am
> I supposed to get the duckduckgo URL from a trusted friend of mine, and
> then
> always keep it?
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

