Blockchain.info onion address?

Via /r/Bitcoin: Blockchain.info becomes the second website (after Facebook) to have been issued an HTTPS certificate by DigiCert for their .onion address.

Unless I completely misunderstand how Tor works, this means the blockchain.info MITM attacks via compromised exit nodes would be completely mitigated.


Comments


[3 Points] ShulginsCat:

That's true regardless of the certificate. Communication to onions is encrypted whether it's http or https. That extra 's' only adds encryption on top of encryption, which isn't harmful afaik but doesn't change much.

Imagine what would happen if anyone could run an exit node and mitm your communications with agora or evo.


[2 Points] rmxz:

> completely mitigated.

If you trust DigiCert.

Unfortunately, governments and certificate authorities collude with each other, so if you're hiding from anyone with the ability to get a warrant (say, any government), this doesn't really help at all.

Seems it'd be more trustworthy if they had a self-signed cert and distributed their own CA certificate that people could install as trusted in their own browsers. Sure, there's a challenge distributing that CA certificate. But it's not as bad as using one from DigiCert. With a self-signed cert, someone would need to compromise them when that original CA certificate is being distributed, and you'd be pretty safe after that. With DigiCert, any government can compromise them at any future date simply by sending DigiCert a warrant.


[2 Points] gramsadmin:

gramsflow.com/blockchain for anyone who wants to use the new onion URL and can't remember it