On Fri, Oct 25, 2013 at 08:31:05PM -0700, Gregory Maxwell wrote:
> One limitation of the payment protocol as specced is that there is no
> way for a hidden service site to make use of its full authentication
> capability because they are unable to get SSL certificates issued to
> them.
>
> A tor hidden service (onion site) is controlled by an RSA key.
>
> It would be trivial to pack a tor HS pubkey into a self-signed x509
> certificate with the cn set to foooo.onion.
>
> If we specified in the payment protocol an additional validation
> procedure for [base32].onion hosts that just has it hash and base32
> encode the pubkey (as tor does) then the payment protocol could work
> seamlessly with tor hosts. (Displaying that the payment request came
> from "foooo.onion"). I believe that the additional code for this
> would be trivial (and I'll write it if there is support for making
> this a standard feature).
>
> This would give us a fully supported option which is completely CA
> free... it would only work for tor sites, but the people concerned
> about CA treachery are likely to want to use tor in any case.
>
> Thoughts?

Strong ACK on the basis of responding for forum trolls alone.

It's easy enough to make it a genuinely useful tool for multisig wallets
too: keep a copy of your Tor URL bookmarks on your second signing
computer. So long as either computer has the correct URL you're safe.

-- 
'peter'[:-1]@petertodd.org
0000000000000006fbd917e8b4770c566dbc8ed4bedd00f441286ffb6e7f73ac
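
The validation step proposed in the quoted message, as an added example that is not part of either e-mail and is not code from Bitcoin or Tor. It assumes the v2 hidden-service derivation in use at the time (SHA-1 over the DER-encoded PKCS#1 RSA public key, first 80 bits, base32); the function names are hypothetical and the two keys are constructed stand-ins rather than real RSA keys.

```python
import base64
import hashlib
import hmac


def _der_len(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw


def _der_int(value: int) -> bytes:
    """DER INTEGER for a non-negative value (a leading 0x00 keeps it positive)."""
    raw = value.to_bytes(value.bit_length() // 8 + 1, "big")
    return b"\x02" + _der_len(len(raw)) + raw


def rsa_pubkey_der(n: int, e: int) -> bytes:
    """PKCS#1 RSAPublicKey: SEQUENCE { modulus, publicExponent }."""
    body = _der_int(n) + _der_int(e)
    return b"\x30" + _der_len(len(body)) + body


def onion_host(pubkey_der: bytes) -> str:
    """v2 onion name: base32 of the first 80 bits of SHA-1 over the DER key."""
    digest = hashlib.sha1(pubkey_der).digest()[:10]
    return base64.b32encode(digest).decode("ascii").lower() + ".onion"


def cn_matches_key(cn: str, pubkey_der: bytes) -> bool:
    """Accept the certificate CN only if it is the onion name of this exact key."""
    cn = cn.strip().lower().rstrip(".")
    if not cn.endswith(".onion") or cn.count(".") != 1:
        return False  # non-onion names and subdomains are not bound to the key
    return hmac.compare_digest(cn.encode(), onion_host(pubkey_der).encode())


# Constructed 1024-bit stand-ins for two services' keys (not valid RSA moduli;
# only the encoding and hashing matter for this check).
KEY_A = rsa_pubkey_der((1 << 1023) + 1155, 65537)
KEY_B = rsa_pubkey_der((1 << 1023) + 2021, 65537)

if __name__ == "__main__":
    claimed = onion_host(KEY_A)
    print(claimed, cn_matches_key(claimed, KEY_A), cn_matches_key(claimed, KEY_B))
```

The check says nothing about the certificate's signature: the verifier still has to confirm that the payment request is signed by the same key whose hash matched the CN.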