Ancestors

Written by Q ✨ @ FOSDEM on 2025-01-16 at 09:35

!!!!!!!!

=> View attached media

=> More informations about this toot | More toots from q@glauca.space

Toot

Written by ⛧-440729 [sophie] on 2025-01-16 at 09:39

@q woaa can we finally get tls for onion addresses??? that's so cool!!

=> More informations about this toot | More toots from sophie@catgirl.cloud

Descendants

Written by Q ✨ @ FOSDEM on 2025-01-16 at 09:40

@sophie yes*

• : a publicly trusted CA needs to implement this, a few have indicated they plan to

=> More informations about this toot | More toots from q@glauca.space

Written by ⛧-440729 [sophie] on 2025-01-16 at 09:42

@q please say let's encrypt is one of them,,? because iirc some random root ca has been selling tls certificates for onion domains for a while now but having this be 1) more common and 2) (and more importantly) freely available would be extremely nice

=> More informations about this toot | More toots from sophie@catgirl.cloud

Written by keschi :neocat_box: :therian: Θ on 2025-01-16 at 09:44

@sophie @q the random CA is HARICA

=> More informations about this toot | More toots from kescher@catcatnya.com

Written by Q ✨ @ FOSDEM on 2025-01-16 at 09:45

@kescher @sophie I have been trying to talk to HARICA about this, but mostly got radio silence

=> More informations about this toot | More toots from q@glauca.space

Written by keschi :neocat_box: :therian: Θ on 2025-01-16 at 09:46

@q @sophie Yeah, it's not automated there yet at all, which would certainly be interesting for them, too

=> More informations about this toot | More toots from kescher@catcatnya.com

Written by Q ✨ @ FOSDEM on 2025-01-16 at 09:49

@kescher @sophie have dropped HARICA another email, lets see what they say now its approved

=> More informations about this toot | More toots from q@glauca.space

Written by Q ✨ @ FOSDEM on 2025-01-16 at 09:44

@sophie Let's Encrypt are making noncommittal noises, so maybe???

=> More informations about this toot | More toots from q@glauca.space

Written by Q ✨ @ FOSDEM on 2025-01-16 at 10:10

@sophie In the meantime if you'd like to test there's a CA at https://acmeforonions.org that runs from my kitchen

=> More informations about this toot | More toots from q@glauca.space

Written by ⛧-440729 [sophie] on 2025-01-16 at 10:17

@q that's a very cool thing tbh (also love the department of random numbers being used as the ou in the root ca :3)

probably will need to find a way to even make an acme request though, because currently træfik manages tls and tor traffic doesn't go through that atm... hm. will definitely see when there's some time, thanks!! :3

=> More informations about this toot | More toots from sophie@catgirl.cloud

Written by Haelwenn /элвэн/ :triskell: on 2025-01-16 at 09:44

@q @sophie Hopefully Let's Encrypt because I've yet to find any other CA that's actually trustworthy.

=> More informations about this toot | More toots from lanodan@queer.hacktivis.me

Written by opal on 2025-01-16 at 10:02

@sophie @q what's the point other than shutting up browser warnings

=> More informations about this toot | More toots from wowaname@freesoftwareextremist.com

Written by Q ✨ @ FOSDEM on 2025-01-16 at 10:08

@wowaname @sophie there are a few reasons:

=> More informations about this toot | More toots from q@glauca.space

Written by opal on 2025-01-16 at 10:44

@q @sophie

cryptographic tie

probably the only reason there that isn't a result of others' stupidity

=> More informations about this toot | More toots from wowaname@freesoftwareextremist.com

Written by Q ✨ @ FOSDEM on 2025-01-16 at 10:45

@wowaname @sophie well yes, but we don’t live in an ideal world

=> More informations about this toot | More toots from q@glauca.space