Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-24 Thread hellekin
On 03/23/15 10:31, Andrew Sullivan wrote: if somehow the onion name leaked and ended up in the DNS, it's not a big deal *** Well, although you're right as far as *applications* are concerned, this is still a big deal because humans are using

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-24 Thread hellekin
On 03/24/15 20:03, Alec Muffett wrote: Hi Hellekin! I would agree that leak avoidance is “a major” rather than “the prime” point of having .onion reserved as a TLD. *** Agreed. I came from the privacy side of the arguments, which tends to

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-24 Thread Alec Muffett
Hi Hellekin! I would agree that leak avoidance is “a major” rather than “the prime” point of having .onion reserved as a TLD. There are many good reasons for reserving “.onion” as a TLD, including but not limited to: - avoiding leaks (above) - not wasting resource on trying to resolve the

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-24 Thread Alec Muffett
Alec, would you care to explain the differences on the IANA considerations between this draft and the P2PNames draft Woo! I'm honoured, but I am a considerably less IANA-informed schmuck than you take me for. :-) I've been heads-down in Tor and the wider Tor community for some time now, and

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-23 Thread Alec Muffett
Hi Andrew, If I understand your question correctly, you are asking whether in the instance that a DNS server receives and caches a NXDOMAIN for some/all .onion, whether that could impact software which uses Tor? Software which uses Tor does so via a proxy which internally performs the resolution

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-23 Thread Andrew Sullivan
First, sorry, I don't know why I wrote section 4; this is section 2, but I think you understood me. On Mon, Mar 23, 2015 at 12:57:53PM +, Alec Muffett wrote: a) the software in question is talking to a Tor proxy which acts as a gateway to the Tor network (and to the rest of the

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-22 Thread Warren Kumari
On Sat, Mar 21, 2015 at 6:12 PM, Andrew Sullivan a...@anvilwalrusden.com wrote: Dear colleagues, On Mon, Mar 16, 2015 at 10:16:37PM +, Jacob Appelbaum wrote: I realized after uploading that I hadn't sent this along for discussion. Name: draft-appelbaum-dnsop-onion-tld

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-22 Thread John Levine
To begin with, in general I think this document is on the right path and something very close to it should be published. It's narrowly-focussed, Agreed. Let's do these special case TLDLTs (top level domain like things) one at a time unless there's a group with identical technical and usage

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-18 Thread Florian Weimer
On 03/17/2015 04:16 PM, Christian Grothoff wrote: it's a Lex Facebook, just like reserving .local was a Lex Apple. I'm not generally against those at all, but I personally dislike that IETF passes things quickly if they are backed by multi-billion dollar companies, The reservation of

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-18 Thread Edward Lewis
On 3/17/15, 21:53, Richard Barnes r...@ipv.sx wrote: The only nit I would pick with the above is that it's perfectly possible to *specify* what should be done, but of course one should not expect that to instantly change everyone's behavior. A preamble - I don't think what is perfectly possible

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread David Conrad
Alec, On Mar 17, 2015, at 9:20 AM, Alec Muffett al...@fb.com wrote: Christian’s response clearly distinguishes the separateness of Jake my document draft-appelbaum-dnsop-onion-tld-00.txt” from his “draft-grothoff-iesg-special-use-p2p-names”. Yes. Hopefully, a revised version of

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread Alec Muffett
Rubens, allow me please to direct your attention to: https://cabforum.org/2015/02/18/ballot-144-validation-rules-dot-onion-names/ Aside: EV certificates are what will be issued for Onion addresses, even wildcard onion address certificates, for reasons explained on the Ballot. - alec On

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread Andrew Sullivan
(cc:s trimmed) On Tue, Mar 17, 2015 at 04:16:02PM +0100, Christian Grothoff wrote: it's a Lex Facebook, just like reserving .local was a Lex Apple. I'm not generally against those at all, but I personally dislike that IETF passes things quickly if they are backed by multi-billion dollar

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread Andrew Sullivan
On Tue, Mar 17, 2015 at 12:59:25PM -0400, Richard Barnes wrote: If an application does not implement tor, and is not tor aware, it _will_ do a DNS lookup. You can't really go ask the world to stop doing that. You need to deal with that fact. The entire point of the special use

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread Rubens Kuhl
Considering .onion is a non-resolving TLD, how would a CA issue a certificate for a .onion name that they can't verify whether the requester is the administrator of that service ? DV certificates can use lots of mechanisms to verify that, but is one of them feasible for CAs to use ? Rubens

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread Rubens Kuhl
On Mar 17, 2015, at 4:01 PM, Alec Muffett al...@fb.com wrote: Hi Rubens! On 3/17/15, 6:34 PM, Rubens Kuhl rube...@nic.br wrote: And where in this ballot is there a need for explicit reserving of .onion, since CAs already know they

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread Alec Muffett
Before this discussion becomes derailed by discussion of the strategies of the contents of other proposals, I would like to round this discussion back to the matter of the draft-appelbaum-dnsop-onion-tld-00.txt document: Christian’s response clearly distinguishes the separateness of Jake my

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread hellekin
On 03/17/15 12:58, David Conrad wrote: I doubt arguments of this nature are particular helpful. *** I feel obliged to reflect this to you. My personal observation is that one of the problems with your draft *** Maybe you should direct

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread Tim Wicinski
On 3/17/15 4:20 PM, Alec Muffett wrote: Before this discussion becomes derailed by discussion of the strategies of the contents of other proposals, I would like to round this discussion back to the matter of the draft-appelbaum-dnsop-onion-tld-00.txt document: Christian’s response clearly

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-16 Thread Paul Wouters
On Mon, 16 Mar 2015, Jacob Appelbaum wrote: Subject: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt Is this meant to replace or augment draft-grothoff-iesg-special-use-p2p-names ? - most importantly is the date October 1st. On that date we'll have a death day for currently

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-16 Thread hellekin
On 03/16/15 23:20, Paul Wouters wrote: It seems odd that two documents would be requesting an IANA action for .onion ? *** Well yes, it sounds like a mistake to me. But we can also consider it a god-given gift for people who argued against