Re: [DNSOP] a long way from reservations on reservations, was Barry Leiba's Abstain

2015-09-01 Thread John R Levine
Please do not put words in my mouth. They're important but they're not a DNS problem. I think reasonable people might disagree? Not really. It's a layering issue. In my view and the DNS has a critical flaw: it does not provide query privacy. It can't be a critical flaw -- if it were

Re: [DNSOP] a long way from reservations on reservations, was Barry Leiba's Abstain

2015-09-01 Thread Jacob Appelbaum
On 9/1/15, John R Levine wrote:
>>> Please do not put words in my mouth. They're important but they're not a DNS problem.
>>
>> I think reasonable people might disagree?
>
> Not really. It's a layering issue.

It is a design flaw from an era when fax machines roamed the

Re: [DNSOP] a long way from reservations on reservations, was Barry Leiba's Abstain

2015-09-01 Thread Jacob Appelbaum
On 9/1/15, John R Levine wrote:
> Speaking of which ...
>
>> It is a critical flaw that fails open. The DNS continues to work but users are put into harm's way. ...
>
>>> Also please keep in mind that we're having this discussion because of design tradeoffs in the

Re: [DNSOP] a long way from reservations on reservations, was Barry Leiba's Abstain

2015-09-01 Thread hellekin
On 09/01/2015 07:39 PM, Jacob Appelbaum wrote:
>
> Tor doesn't leak .onions
>
> If the name is reserved and the process is followed, we'll hopefully be able to stop most of the leakage in the DNS.
>

One clear example that was documented

Re: [DNSOP] a long way from reservations on reservations, was Barry Leiba's Abstain

2015-09-01 Thread John R Levine
I'm aware of the context, I'm a co-author of the RFC in question. The solution you present is not practical for integration across most programs without huge modifications to nearly every program. That's what I said. "It's more work than we were willing to do" is a reasonable criterion, but

Re: [DNSOP] a long way from reservations on reservations, was Barry Leiba's Abstain

2015-09-01 Thread Ted Lemon
On Sep 1, 2015, at 6:06 PM, John R Levine wrote:
> That's what I said. "It's more work than we were willing to do" is a reasonable criterion, but it's not the same as "it's impossible".

I think it’s "fixing this would involve pervasively fixing a wide range of software we

Re: [DNSOP] a long way from reservations on reservations, was Barry Leiba's Abstain

2015-09-01 Thread John R Levine
Speaking of which ... It is a critical flaw that fails open. The DNS continues to work but users are put into harm's way. ... Also please keep in mind that we're having this discussion because of design tradeoffs in the implementation of Tor. If they'd made onion a URI scheme rather than a