> cn=pubkeybase32.onion There are lots of HS certs out there. Some are just the usual random certs. Some use this exact cn specification. I never looked to see if any of them actually packed in the full HS pubkey somewhere.
> I believe torchat does this IIRC, torchat is just doing a bidirectional secret passing pingpong between clients behind the HS addresses, no actual x509 stuff. There's a good paper on it. > compatible with future editions of hidden services which aren't based I think this pending may be holding a number of people back from deploying some onion things today when it might get ripped out from under them later. Whether for the RSA part. Or for good utility in maintaining just the 80-bit addressing part as a map between EC addressing. Where depending on how much of the current scheme is retained, collision, spoofing, enumeration or even some continued risk of deanonymization is not as important to their relatively non-sensitive application, where making IPv6 transport work might be. Not said as cause not to move forward, but to consider continuing capabilities where possible. > Are there other applications which would benefit from having x.509 > certs for onion names? Certs, yes, even for simple surfing... but no matter what is done there, people still phish themselves all the time. There's just no hope for those classic types. -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
