Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

IETF Recognizes .onion as a Special-use Domain Name

November 2, 2015

SC Magazine reported last week that there has been formal recognition of .onion as a Special-use Domain Name by the Internet Engineering Task Force (IETF). Jacob Appelbaum, a security researcher and developer, privacy expert and a core member of the Tor Project, said in a blog post that the draft to register the domain name included security and privacy considerations that likely “will help to protect end users from targeted and mass-surveillance."

“Losing control of .onion had the potential to create confusion for all hidden services, not just Facebook,” Facebook software engineer and Internet security evangelist Muffet told SC Magazine in an e-mail correspondence. “This is really about securing the way people connect to Facebook. With our .onion site on the TOR network, people can confidently connect to Facebook knowing their link is genuine and end-to-end secure.”

By using .onion, Appelbaum noted, users are assured of security from end to end. Due in part to its self-authentication capability, “if you can get a .onion domain name you can be absolutely sure you're only talking to” who is supposed to be at the other end, he said, adding that Facebook was able to get a vanity name, meaning that used in conjunction with .onion, users are offered two layers of security. “If you have .onion, you don't need SSL, because you know who you're talking to.” But users can still buy Extended Validation (EV) SSL/TLS certificates for .onion services, which provide added safeguards.

Does this protect the bad guys too? Of course. But protecting the privacy of good guys necessarily means affording the same protections to the villains of the world. And to think it all started in what these folks call the "Summer of Snowden." Hard to believe it was only two years ago that we learned how massive government surveillance had become.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

IETF Recognizes .onion as a Special-use Domain Name

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer