[cabfpub] Ballot 144 -.onion domains
Tom Ritter
tom at ritter.vg
Fri Feb 13 19:51:41 UTC 2015
On Feb 13, 2015 1:42 PM, "kirk_hall at trendmicro.com" <
kirk_hall at trendmicro.com> wrote:
>
> I'm over my ski tips, but... wouldn't revocation checking (by the user's
client) potentially reveal which websites the Tor user is viewing?
To the CA? Yes. But you're not going to learn anything other than that a
Tor user visited the site at that time. The exit IP is a Tor IP, and
TorBrowser is designed to present a uniform presentation to prevent
fingerprinting. I think they may even use a different circuit so the IP
wouldn't even match the IP the website sees, but I'm not certain.
-tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150213/5b7c22b8/attachment-0003.html>
More information about the Public
mailing list