Dave Warren writes:
> I don't completely understand this, since outside the Tor world it's
> possible to acquire DV certificates using verification performed on
> unencrypted (HTTP) channels.
> Wouldn't the same be possible for a .onion, simply requiring that the
> verification service act as a Tor client? This would be at least as good,
> given that Tor adds a bit of encryption.
I think Roger's reply to my message addresses reasons why I think this
is a good argument, and I'm in agreement with you. However, with
next-generation onion services, it should no longer be necessary to have
any form of this argument.
Seth Schoen <sch...@eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
tor-talk mailing list - firstname.lastname@example.org
To unsubscribe or change other settings go to