Techly NewsGet the app

Get the latest tech news

Certificates for Onion Services


¶ About¶ This document tracks existing procedures or proposals for integrating and validating TLS/HTTPS certificates for Onion Services. While some depends on Certificate Authorities (CA) model, others rely on alternative certification and validation procedures that does not require built-in certificate chains in the client software or reliance on financial transactions.

Whenever you browse the internet regularly, the connection between your computer and a service is usually encrypted, and the safety of this communication happens through the verification of a special type of certificate. It also opens up new opportunities such as payment processing,"as current PCI DSS requirements do not allow non-standard TLS" and may only work with certificates having some sort of validation. For other applications -- like the TorVPN and third-party software --, this would probably require patches or documentation instructing users to accept non-CA signed certificates when accessing Onion Services, which is very hard to provide and to maintain for a wide ranging of tools.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of certificates

certificates

Photo of Onion Services

Onion Services

Related news:

News photo

Spotting base64 encoded JSON, certificates, and private keys

News photo

All I Know About Certificates – Certificate Authority

News photo

Remote access giant AnyDesk resets passwords and revokes certificates after hack

« Nvidia CEO Huang says bringing Blackwell AI chip to China 'is a real possibility'
Alibaba Seeks to Refinance $6.5 Billion Bank Loan Due Next Year »