What Are .onion Domains And How To Get One?

Onion Domains Tor

.onion is a top-level domain suffix that is specially used as an anonymous hidden service and can be accessed through the Tor network. These types of addresses are actually not DNS names as the .onion TLD is not in the Internet DNS root (ICANN). However, by installing suitable proxy software and sending the request via the Tor server network, sites with .onion addresses can be accessed by internet programs like web browsers.

The essence of using this system is to make it more difficult for the information provider to trace the person accessing the information and vice versa, as well as prevent an intermediate network host, or an outsider from such access.

Domain Format

Generally, addresses in the .onion TLD consist of 16-character alpha-semi-numeric hashes which are incomprehensible and non-mnemonic in nature and are automatically created when a hidden service is configured using a public key. Decimal digits from 2 to 7 and any letter of the alphabet can be used to create these 16-character hashes, which thus represents an 80-bit number in base32. By continuously creating huge numbers of key pairs until a desirable URL is found (which is a computational process that can be done simultaneously), a human-readable .onion URL, like the one that begins with an organization name, can be set up. We can help you do this as well as specify the first 8 characters of the domain. The onion routing technique that Tor uses to achieve a high level of anonymity gave rise to the "onion" name.

WWW to .onion Gateways

Non-Tor browsers, as well as search engines that are not Tor-aware, can have access to hidden services by using proxies like Tor2web in the Tor network. Users lose their own anonymity by using a trusted gateway to deliver the correct content. However, it is not recommended to browse this way because the browser can be fingerprinted by both the gateway and the hidden service, and the user IP address data can be accessed. In order to provide a faster page-loading that is much better than the official Tor Browser, caching techniques are used by some proxies.

Official Designation

Just like suffixes used in earlier times such as .bitnet and .uucp, the domain was actually regarded as a top-level pseudo domain host suffix. .onion was designated as a ‘special use domain’ by IANA, ICANN and the IETF on the 9th of September 2015, and it became an official status after Alec Muffett (who is the security engineer of Facebook) and Jacob Appelbaum of the Tor Project submitted a proposal to this effect. Currently, these procedures are being considered for blockchain-based .bit and .eth domains.

HTTPS/TLS support

People making use of traditional HTTPS clearnet sites are at risks of SSL stripping attacks due to malicious exit nodes on the Tor network. An additional layer of identity assurance can be provided by sites that offer dedicated .onion addresses through certificates. Although with the native encryption features of Tor, the encryption itself is technically not necessary. Browser features, which otherwise would not be available to users of .onion sites, are enabled with the provision of HTTPS certificates.

Before the CA/Browser Forum Ballot 144 was adopted, it was only possible to obtain HTTPS certificate for a .onion name by considering .onion as an Internal Server Name. As stipulated in the Baseline Requirements of the CA/Browser Forum, these certificates were expected to expire before the 1st of November 2015 after being issued. Regardless of these restrictions, certificate authority partnerships were formed by four organizations in order to achieve this.

.onion now satisfies the RFC 6761 criteria after the CA/Browser Forum Ballot 144 was adopted and the domain was designated as 'special use' in September 2015. SSL certificates for HTTPS .onion sites are expected to be issued by certificate authorities, in accordance with the documented procedures provided in the Baseline Requirements of the CA/Brower Forum, which were introduced in Ballot 144.

Buy / Get a .onion Domain Name

Following the official instructions, the system will generate for you a random domain name, for example: d26D7kc51asqdpzm.onion

Via our service, you can specify the first up to 8 characters, for example: yourname1asqdpzm.onion

Keep in mind that .onion domains are not blockchain-based. They are not recorded in any central registry or blockchain. You will only receive a private key!

Register Your .onion Domain Now