DonnchaC / oniongateway

End-to-End encrypted Tor2Web gateway
MIT License
37 stars 9 forks source link

Write a service-side agent for TLS cert and sub-domain registration. #18

Open DonnchaC opened 8 years ago

DonnchaC commented 8 years ago

All hidden service endpoints need to have a valid CA-signed TLS certificate for the oniongatway to be useful. This process is now much easier with the free LetsEncrypt certificate authority. We should write a library/agent to automate this process for end users and for application developers.

Use Case

An OnionShare user would like to securely and anonymously send a file to a journalist. This journalist is not using Tor. It should be possible for the user to open OnionShare and choose to "Make a public link.

This would automatically connect to an API on a public oniongateway resolver and register a subdomain which gets pointed at the ephemeral OnionShare hidden service. The oniongateway agent will then request a TLS certificate from LetsEncrypt by using the TLS SNI domain validation method. LetsEncrypt will issue the cert and the webserver in OnionShare gets reconfigured to also listen on port 443 with the new TLS cert.

The user now has the option to copy their URL as http://jfiawjx47wnbpxag.onion/49500b26fcfd9a17dc061f83f56a4753 or https://life-size-metalhead.oniongate.com

starius commented 8 years ago

Great idea!

For example, all subdomains of oniongate.com are delegated to our service. The service will have API which takes onion address and provides random subdomain for it. (Or it can take the subdomain as well, but it should be done carefully not to give subdomains like www.) We can store map[domain]onion in etcd and consult with it in TXT DNS requests sent by entry_proxy.

To prevent flooding, the API will check existence of the onion site provided by connecting to its 443 port. Creation of working onion address is time consuming procedure, so it can work as proof of work in this situation.

Should subdomains expire if onion address is dead?

Should we provide an option to edit mapping (change onion address behind a subdomain)?

starius commented 8 years ago

Using Let’s Encrypt to make certificates for domains like life-size-metalhead.oniongate.com is limited by 20 subdomains per 7 days.