SoylentNews

takyon [soylentnews.org] writes:

A decision by the IETF means that compliant browsers and software should keep requests for Tor .onion domains off the public Internet [torproject.org]:

The Internet Engineering Task Force [ietf.org] (IETF), the body that sets standards for the Internet, has formally recognized .onion [wikipedia.org] names. We think that this is a small and important landmark in the movement to build privacy into the structure of the Internet. This standardization work for .onion is joint work between Facebook [facebook.com] and the Tor Project [torproject.org] amongst others in an effort to help secure users everywhere.

[...] During our long journey which began in the Summer of Snowden, Alec Muffett and I were encouraged to split out .onion from the list of other peer to peer names and to make a separate draft to register .onion as a Special-Use Domain Name. In this draft we listed security and privacy considerations that we believe will help to protect end users from targeted and mass-surveillance. We're happy to say that the first name reservation was just published as RFC7686 [rfc-editor.org].

Our internet standard reflects on considerations for handling .onion names on the internet as well as officially reserving .onion as a Special-Use-Domain-Name [iana.org] with the Internet Assigned Numbers Authority [iana.org] (IANA). With this registration, it is should also be possible to buy Extended Validation (EV) SSL/TLS certificates for .onion services thanks to a recent decision [cabforum.org] by the Certification Authority Browser Forum. We hope that in the future we'll see easy to issue certificates from the Let's Encrypt [letsencrypt.org] project for .onion services. We also hope to see more Peer to Peer names [gnunet.org] such as .gnu registered as Special-Use-Domain-Names by the IETF.

It is now easier than ever to deploy [torproject.org], share [onionshare.org] and use [ricochet.im] Tor Hidden Services.

Via The Register [theregister.co.uk].

Original Submission