Dear Let's Encrypt Team,
I would like to formally request Let's Encrypt to consider issuing free SSL certificates for Tor .onion v3 addresses.
As stated in the official Tor Project documentation:
"Recently in 2020, the Certificate Authority/Browser Forum voted and approved version 3 onion certificates, so CAs are now allowed to issue Domain Validation (DV) and Organization Validation (OV) certificates containing Tor onion addresses. In the nearby future, we hope that Let's Encrypt CA can start issuing v3 onion certificates for free."
(Source)
Let's Encrypt is a leading provider of free and widely trusted SSL certificates. Allowing .onion site owners to obtain certificates at no cost would significantly enhance the security and privacy of the Tor network. Many privacy-conscious individuals and organizations rely on Let's Encrypt for secure communications, and extending this service to .onion domains would align with Let's Encrypt’s mission of creating a more secure and privacy-respecting internet.
Additionally, I believe that HTTP-based validation would be sufficient for .onion sites within the Tor network. Due to the nature of Tor, it is inherently clear that a web server hosting a .onion address can only be controlled by the entity possessing the corresponding private key. Therefore, it may be feasible for Let's Encrypt to adapt its existing HTTP-01 validation method for Tor, allowing certificates to be issued without requiring additional DNS verification.
I understand that there may be technical and policy challenges involved. However, I sincerely request that Let's Encrypt consider implementing this feature in the future. It would be a significant step toward strengthening the security of Tor onion services and making encrypted connections more accessible to everyone.