On Jun 12, 2017, at 11:00 AM, Job Snijders <job@xxxxxxx> wrote: > NEW: > The situation was somewhat forced, both by the fact that use of the > .onion domain name by the Tor Project predates the process described > in RFC 6761 by 9 years, and because a deadline [CABF-DEADLINE] had > been set by the CA/Browser Forum [CABF] after which all PKI > certificates for internal names would expire and no new certificates > would be issued. At the time .onion was considered an internal name. > IETF recognition of the .onion as a Special-Use Top-Level Domain Name > facilitated the development of a certificate issuance process > specific to .onion domain names [CABF-BALLOT144]. > > [CABF-DEADLINE] should link to https://www.digicert.com/internal-names.htm > [CABF] should link to https://cabforum.org/ > [CABF-BALLOT144] should link to https://cabforum.org/2015/02/18/ballot-144-validation-rules-dot-onion-names/ Thanks, I think this is better text. > I wasn't there, but reading ballot-144, some cabforum mails, and > https://blog.torproject.org/blog/landmark-hidden-services-onion-names-reserved-ietf > it appears to me that all parties involved were actively trying to fix a > long standing broken situation. Yes, that's what it looked like to me as well.