An Open Letter to CA/Browser Forum re: Personal Certificates for “.onion”

Ryan, I’d like to take you up on your invitation and request that you forward the following text to the CA/Browser Forum public list, please…


Hi CA/B Forum! I’m a software engineer and one of the authors of RFC 7686; since 2001 I have maintained a personal blog and it’s overdue for a complete software refresh. I want to take advantage of Let’s Encrypt to provide normal HTTPS certificates for the blog, and I want a 100% HTTPS deployment when I am done.

I intend also to provide my blog with an Onion Address, thus my question:

On my blog I do not represent a company – I act purely as an individual; I expect to easily get a “normal” domain-related certificate from Let’s Encrypt, but as an individual I will not be able to get an EV certificate for my Onion Site as mandated by CA/B Forum Ballot 144.

This situation inhibits me from protecting my personal blog’s Onion Site with some form of Onion HTTPS certificate.

It further discriminates against my choice of software deployment as an individual.

Perhaps I could run my blog as HTTP-over-Onion and HTTPS-over-Internet, but this breaks my goal of a 100% HTTPS deployment. Clients of my Onion Site would not have access to HTTPS-only “Secure” cookies and other functionality which browsers today (or will soon) restrict to HTTPS sites, e.g. Camera & Microphone access. This would be an undesirable lack of consistency.

It is not viable to hack the Tor Browser to support an “Onion-only” CA, because only some portion of Tor traffic uses the Tor Browser; non-browser apps which use Tor would not be able take advantage of such a kludge, and thereby would not see the benefit of SSL.

In any case, “.onion” is now an official special-use TLD, and therefore should be supported by official means.

After a hint from Ryan Sleevi – plus referring to the Mozilla CA glossary [1] – I did some research and think that I need either an AV (address validation) or an IV (individual validation) SSL Certificate for my personal blog’s Onion Site.

Discussing likely use cases with Runa Sandvik, we believe that people who use Tor desire (at least) all of privacy, anonymity and integrity. The option that seems most sympathetic to all of these requirements is the AV (address validation) certificate. An AV certificate would provide an Onion Address with an SSL certificate (and thus a form of persistent identity) corresponding simply to an RFC822 email address. This would appear extremely well-suited to users of Onion-backed instant messenger software, such as Ricochet, especially those communicating without reference to “real world” identities.

The alternative of an IV (individual validation) certificate appears closer to the goals of the EV certificate, being a more expensive “absolute identity” certificate that would (per the Glossary) require a Driving License, Passport, or National Identity Card to get. This would be useful for instances where people wish to publicly attest to ownership of what they write / blog / post / publish, but would be less useful e.g. for whistleblowers operating in repressive regimes.

Frankly I see a need for both, and would be (for this case in point) happy to get one of either, but am also open to other alternatives which would not require me to register a company to bootstrap.

So, finally, the question: how may I go about obtaining a suitable, personal, Onion-capable SSL Certificate for my blog, please?

Alec Muffett
London

[1] https://wiki.mozilla.org/CA:Glossary – some extracts follow:

AV (address validation) — Many CAs issue end entity certificates to individuals for use with S/MIME email for which the applicant need only demonstrate that they own and/or control the email address named in the certificate. For example, the owner of the “jdoe@example.com” address could obtain an AV certificate for that address based on their demonstrating to a CA that they owned or controlled the email address in question, e.g., by responding to email addresses sent to an email sent to that address. We can refer to such certificates as address-validated or AV certificates.

More formally we can define AV certificates as certificates containing an emailAddress attribute or Subject Alternative Name extension with a value (or values) apparently corresponding to an RFC 822 email address, for which the CA makes claims (e.g., in the CPS) that it has in some way validated that that address in question is owned and/or legitimately controlled by the cert subscriber, and for which the CA makes no claims as to the validity of any individual identity stored in the Common Name attribute of the certificate. Note that “AV” is not a common industry term, but is newly-coined by analogy with “DV”, “IV”, etc. Some people use the term “DV” loosely to cover this case, but arguably it deserves a term of its own.

…and…

IV (individual validation or identity validation) — Many CAs issue end entity certificates to individuals for email, SSL/TLS client authentication, and other uses, for which the applicant is required to supply some sort of evidence as to their identity (e.g., by presenting themselves in person with a copy of their national identity card). These are commonly referred to as identity-validated or IV certificates.

More formally we can define IV certificates as certificates containing a Common Name (CN) attribute with a value apparently corresponding to an actual named individual, for which the CA makes claims (e.g., in the CPS) that it has in some way validated that that value corresponds to the individual identity of the certificate subscriber. Note that some people use “IV” as a synonym for “OV” when referring to certificates issued to organizations. However it’s arguably more clear to use “IV” to refer only to certificates issued to individuals.

Note that an IV certificate could also contain an email address in addition to the individual identity information. Mozilla policy requires that email address to be validated to the same or greater degree as for a AV certificate.

Apparently the Deputy PM thinks Anti-Terrorism Legislation is fairly used to retrieve/destroy classified data #Miranda

Interesting. Nick Clegg’s recent (friday evening) posting in the Guardian has been amended, saying:

This article was amended at 21.05 BST for legal reasons

Why would that be? Well a blogger notes:

Really, I don’t think I need say any more than point this out; and if the comment has been culled “for legal reasons”, all the more reason to highlight what was formerly said and presumably thought, I feel…

See also Reddit and just google the phrase to watch for a cascade of edits in other forums.

A simple rebuttal to @cguitton’s attempt to trash Tor Hidden Services /cc @torproject

There’s this paper by this guy at KCL.

That he’s posted it on Dropbox is both relevant and ironic.

In it, and in his Twitter feed, he argues essentially that Tor is OK-ish, but promotes anonymity – which he sees as “bad” – and Tor Hidden Services are intolerable and should “no longer be developed” because they promote so many bad things.

There are a bunch of arguments one could have about morality, privacy, anonymity, etc; but that’s playing the game in the expected fashion, leading to much postmodern posing and wastage of breath; so I will try a different, more Turingesque machine-based approach.

It’s very simple:

Strategically there is no communications difference between Tor, and Tor Hidden Services; what do I mean by this? I mean that both are simply forms of communication, and all forms of communication are functionally interchangable. To explain:

Tor mirrors the Internet and provides a connected graph of nodes which can communicate peer-to-peer; Tor Hidden Services provide a client-server model akin to the Web which runs atop the Internet.

If we are talking about access to data at rest – then we can provide such access in both models; with peer-to-peer networks we use Content-Based Addressing (a-la “Magnet Links” on Bittorrent) and on client-server networks we use Resource-Based Addressing (a-la URLs on the Web)

If we are talking about access to data in motion – then we can also provide such access in both models; with peer-to-peer communications (Skype, Bittorrent, E-Mail, USENET) – which may be synchronous (VoIP) or not (store-and-forward); and on client-server networks we historically just emulate the endpoints of peer-to-peer communication (E-mail becomes IMAP).

If data is not at rest or in motion, what is it?

So: there are two sorts of data and two communications mechanisms which are equivalent, merely using alternate addressing strategies* to distinguish them; with this understanding there is no way to choose one over another, nor reject one as “bad” while the other is “ok” or “good”.

Therefore, when one is dismissing a communications mechanism as bad, one is not talking about the medium, because all communications media are technically equivalent.

Instead, one is talking about the message. Therefore one is talking about censorship.

Welcome to your new role, Clement. Censor. QED.

Also, Dropbox, really? That’s not a proper webserver at all. If anything, it’s a peer-to-peer network with hierarchical backing storage and distributed web-emulating frontends.


* Another example:

  • Resource based addressing: “third shelf, fourth book along”
  • Content based addressing: “says it’s authored by Dickens, begins with ‘It was the best of times, it was the worst of times…'”

Do you know what it is, yet?

2010: ThorpeGlen Maintains the Worlds Largest Social Network

Just in case it ever vanishes, a memory from archive.org; Thorpe Glen were a spinoff of a spinoff of BT and were subsequently bought-out – I forget by whom; their website lies idle; but be aware that they existed back then.

ThorpeGlen Maintains the Worlds Largest Social Network
Date published: 6th July, 2010
Technology innovation enables dynamic update of over 1.2 billion social profiles

ThorpeGlen Limited, world leaders in design and development of mass data analysis and storage solutions for the security sector, announced the creation of the worlds largest social network, with over 1.2 billion nodes in a live installation of the ThorpeGlen Monitoring Solution (TMS) measured in May 2010. A node on a social network is a person, piece of equipment or account, the network itself maps the linkages between nodes meaning that flow of funds through bank accounts, the movement of people and materials within a production facility or the way in which people communicate with each other by e-mail or telephone can be visualised and analysed.

Tony Chester, Chief Technology Officer at ThorpeGlen, explained that “the capabilities provided by the ThorpeGlen Monitoring Solution (TMS) enable our customers to quickly identify irregular behaviour or suspicious patterns within a social network thus providing a powerful tool in the prevention and detection of revenue loss and crime. Maintaining social profiles across a vast social network so that behaviour patterns can be analysed has proved to be a complex issue. Technology innovation has enabled us to dynamically update over 1.2 billion social profiles as the network continuously evolves.”

ThorpeGlen was granted the Queens Award for International Trade in 2009, building on this in 2010 ThorpeGlen’s leading edge technology has been recognised with the presentation of the Queens Award for Innovation.

HT PrivacyInternational

Secure Beneath the Watchful Eyes London Transport Poster

It’s mentioned in many places on the web, but it turns out that this fabulously Orwellian poster from several years ago:

Secure Beneath Watchful Eyes…is available as a hi-res PDF at WhatDoTheyKnow, the result of a FOIA.

My irony meter is rather strained by this discovery.