 | |
| Introduced | 2004 |
|---|---|
| TLD type | Host suffix |
| Status | Not in root, but used by Tor clients, servers, and proxies |
| Registry | Tor |
| Intended use | To designate an onion service reachable via Tor |
| Actual use | Used by Tor users for services in which both the provider and the user are anonymous and difficult to trace |
| Registration restrictions | Addresses are "registered" automatically by Tor client when an onion service is set up |
| Structure | Names are opaque strings generated from public keys |
| Documents | |
| Dispute policies | N/A |
.onion is a special-use top-level domain name designating an anonymous onion service, which was formerly known as a "hidden service",[1] reachable via the Tor network. Such addresses are not actual DNS names, and the .onion TLD is not in the Internet DNS root, but with the appropriate proxy software installed, Internet programs such as web browsers can access sites with .onion addresses by sending the request through the Tor network.
The purpose of using such a system is to make both the information provider and the person accessing the information more difficult to trace, whether by one another, by an intermediate network host, or by an outsider. Sites that offer dedicated .onion addresses may provide an additional layer of identity assurance via EV HTTPS Certificates.[citation needed] Provision of an onion site also helps mitigate SSL stripping attacks by malicious exit nodes on the Tor network upon users who would otherwise access traditional HTTPS clearnet sites over Tor.[citation needed]
- ^ Winter, Philipp. "How Do Tor Users Interact With Onion Services?" (PDF). Retrieved 27 December 2018.