>I thought the "domain name" was already the hash of some public key

With v3 it's the ed25519 key with a checksum.

For something like a Cwtch address or your personal dissident blog criticizing Emutopia, it's enough your contacts get the address from you personally or that they find it some other way and pin the site to bookmarks for TOFU.

But with public services like Duckduckgo onion service, it's possible for people to trivially spin up their own unique per-target MITM proxy server instance, and share the link to their friends, bookmark it to their SO's Tor browser and MITM their connections, poison link repositories, or official links on wikipedia pages etc.

Having a CA validate you own the clearweb site first helps mitigate this stuff to some extent. Problem is of course, will the user know if they're supposed to be expecting a cert for a page they visit the first time.

(I wonder if Tor browser could have a list of pinned onion addresses with "clearweb_equivalent_of" field for this, and you could easily check that from the site security badge.)

▲

xg15 5 days ago | parent [-]

This seems like a general problem of using search on onion. I don't really understand how this is supposed to work at all, honestly.

Either you already know the domain you want to visit or you don't.

If you do, you don't need search.

If you don't, how could you be sure that any search results are for the real site and not an MITM proxy?

	▲	keepamovin 5 days ago \| parent [-]
		A bit circular. How do you know the domain? Trust. I like this “onion pinning” possibility: There is value in exposing the existence of an onion site via CT Logs. If someone navigates to the plain web version of a site, and is presented with a certificate containing a Subject Alternative Name (SAN) for both the plain web and the onion site that provides a strong cryptographic guarantee that they are the same site. Effectively this would replace the Onion-Location header with something more authenticated.