(2) What reasons do people have for wanting certificates that cover onion names? I think I know of at least three or four reasons, but I'm interested in creating a list that's as thorough as possible.
Six to start with: - not having to rewrite CMS code which assumes HTTPS, eg for secure cookies; the Onion acts as a straight deployment on a new domain name - corollary: not having to lobby browser manufacturers to pollute their code to understand that http under this magical "onion" TLD is somehow almost but not entirely treatable like https. - access to secure-locked protocols like WebRTC - protection of traffic for the link between Tor daemon (basically a reverse-proxy) and the site load-balancer fanout in enterprise deployment - user expectation for padlocks, consistency rather than special-snowflake creeping featurism - EV: attestation. -alec -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk