Tor gains extra security as .onion becomes Special-Use Domain Name

Tor logoTor -- The Onion Router -- is used as a way of browsing the web (more) anonymously. Most well-known for providing access to what has become known as the Dark Web, Tor has faced competition from other secure browsing systems such as HORNET. But now it is set to benefit from key changes that will improve security and have further implications.

Engineering Task Force (IETF) along with Internet Assigned Numbers Authority, part of ICANN, has granted formal recognition to the .onion domain, adding it to the list of Special-Use Domain Names. Previously known as a psdeuo-TLD it was technically possible for the .onion domain to be used on the regular web -- now it is limited to Tor. There is also the possibility of site-specific encryption and the use of security certificates.

Tor may be famed for the likes of Silk Road and other such sites, but the anonymity and security it offer is important for many reasons. Of course the Tor network is not only home to nefarious websites (although it's fair to say that this accounts for a reasonable percentage of traffic), it is also used by news outlets as a way to anonymously gather news, and Facebook even has a secure presence.

The official recognition of .onion will automatically help to improve security, helping to reduce the ability to identify or locate users. The IETF documentation explains what the change means for accessing .onion sites:

Applications (including proxies) that implement the Tor protocol MUST recognize .onion names as special by either accessing them directly, or using a proxy (e.g., SOCKS [RFC1928]) to do so. Applications that do not implement the Tor protocol SHOULD generate an error upon the use of .onion, and SHOULD NOT perform a DNS lookup.

Other key clauses bolster security further:

Name Resolution APIs and Libraries: Resolvers MUST either respond to requests for .onion names by resolving them according to [tor-rendezvous] or by responding with NXDOMAIN.

Caching DNS Servers: Caching servers, where not explicitly adapted to interoperate with Tor, SHOULD NOT attempt to look up records for .onion names. They MUST generate NXDOMAIN for all such queries.

Authoritative DNS Servers: Authoritative servers MUST respond to queries for .onion with NXDOMAIN.

The prospect of SSL and TLS certification is important for the wider adoption of Tor as it helps to give users confidence that the sites they are dealing with are what they say they are. Speaking to Motherboard, Richard Barnes, the Firefox Security Lead at Mozilla, said:

This enables the Tor .onion ecosystem to benefit from the same level of security you can get in the rest of the web. It adds a layer of security on top.

Source: Betanews

Tags: domains, ICANN, security

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


Last news

 
The smartwatch is reportedly being released alongside the Galaxy Note9 with some new tech on board
 
Not to be confused with a flip phone which separates the display from the hinge
 
The PCI-SIG has announced that PCIe 4.0 specification is finished
 
The report even mentions that AMD developed the Navi GPU architecture specifically
 
Intel has alreadt started production of XMM 7560 modem chips
 
The Galaxy Note 9 was previously expected to ship with a 3,850mAh battery
 
New update claimed to reduce system stability issues by 20%
 
The new silicon could let Intel design 20-core and 22-core SKUs for the X299 Express chipset
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 /
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
 
 

News Archive

 
 
SuMoTuWeThFrSa
     12
3456789
10111213141516
17181920212223
24252627282930




Poll

Do you use microSD card with your phone?
or leave your own version in comments (10)