New rules for issuing SSL certificates for the .onion domain zone have been adopted

Voting has ended on amendment SC27v3 to the Baseline Requirements, which govern how certificate authorities issue SSL certificates. As a result, the amendment was adopted; under certain conditions it allows DV or OV certificates to be issued for the .onion domain names of Tor hidden services.

Previously, only EV certificates could be issued, because of the insufficient cryptographic strength of the algorithms associated with hidden service domain names. Once the amendment comes into force, a validation method becomes acceptable in which the owner of a hidden service accessible over HTTP makes a change on the site requested by the certificate authority, for example placing a file with specified content at a specified address.

As an alternative method, available only to hidden services using version 3 onion addresses, it is also proposed to allow the certificate request to be signed with the same key that the hidden service uses for Tor routing. To protect against abuse, such a certificate request must contain two special entries holding random numbers, one generated by the certificate authority and one by the owner of the service.

9 out of 15 representatives of certificate authorities and 4 out of 4 representatives of companies developing web browsers voted for the amendment. There were no votes against.

Source: linux.org.ru
