-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/12/2015 03:12 AM, Alec Muffett wrote: > > ... both Firefox... > One of them - the Tor Browser - is using a SOCKS daemon which knows > that “.onion” is special and shouldn’t be looked up in the public DNS. > *** So in my understanding of the scope boundaries of RFC6761 IANA considerations, which seems to be the main difference between our drafts and our respective positions, the former is "an application", while the latter bundles "an application" and "a name resolution API or library".
In this understanding, the result obtained by the naked Firefox is consistent with the application not caring about name resolution, not considering .onion special, and returning NXDOMAIN for the unknown domain like it would for a non-existent .com ; respectively, the Tor browser bundle matches the description as well, serving the onion site successfully and without prejudice, thanks to the availability of non-DNS Tor name resolution via the SOCKS proxy. (Other successful Tor onionspace-browsing setups could use a naked Firefox with an IPtables set to direct packets on port 53 to the Tor resolver: a separate application + resolver setup.) Sleep tight == hk -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJVUaEoXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQ0IyNkIyRTNDNzEyMTc2OUEzNEM4ODU0 ODA2QzM2M0ZDMTg5ODNEAAoJEEgGw2P8GJg9GxUP/2/6Ra6ocakvChEHgKUzpaaC +c0nENpPgvZUHlwHM75ZOlvqlXaZkW2yAfK6diTZSGXd6v6Sduq1s0O2olgg5TVN 3rcuLWfbYwRl0m6bQgOotWU2S2qumvwy49Ad38W8FarOYRerH9NTeqJQ/Vu52pl/ zWQx7IjqNT3rSYaT2ecrE0rcfdtXCyspFjvGvP9Dg92lyeipLSiDHAxSsAyudO4S RPve4LdDx+6/WKzpO1TiqcpD/ggwVAY4Mj7jGDLC6DRHml0WakZ07PGxj1a7gaUN XbXtmMkC5lZgtsxxsk572C+a6BEth66zlvuJ2IusrJyXZSsGfvQJxxPMjzyk8Y9Q D4wdMSKV1pnyBWvF5hMbmqaQIo/jZyeMSBUKSNA92mYS5+KUXpclxqQisDNNWSVj 4cQqcc8AhF+kxSUWqFqg6/RVMpZypw+WEoOpGxHoszCqJqPI+XFGOG6jDA6IypYn /FEFUrX8u1OFP6Py2fzVeQz6IbJaGnNU/MsNI9hmcDa81OPjcXWUzBMXOkL/++jZ TBheZlOrhdQ/+GcrHaBITChBjyO6eUsV2Uls6NaarWrBWjlsPdjw7K+v+0xh6LyU Mc6/RuJnfpE3KYzRoIylcUJ9ypkoiRG82xM+qfPgTPWU0Kfl+mIMx0oNOvedXV+m pIq1dVpWb7arRFUpuCFs =p038 -----END PGP SIGNATURE----- _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop