On 10/07/2016 08:56 PM, Tim Wicinski wrote:
>
> Special Use Names Summary
>
Hello DNSOP WG,
I let a week pass so that others can comment, but apparently this
summary didn't bring much of them. Indeed I have a troubling issue with
it: how is that actionable? IOW, what's next?
Thank you,
==
On 10/07/2016 06:36 PM, Alain Durand wrote:
>
> However, there is something that can be done before: provide a safe place
> in the DNS tree where people can exist without colliding with the rest of
> the tree. We can't prevent people from ignoring it and keep using whatever
> name they want, but
On 10/06/2016 09:22 AM, avri doria wrote:
>
> As for the so-called toxic waste names (i really find that terminology
> problematic)
>
I agree it's a problem to use that kind of vocabulary to convey a
technical context.
> the so called waste pile of usurped names
>
Therefore this is also a
On 10/01/2016 07:12 PM, Paul Wouters wrote:
>
> the IETF doesn't have the money for lawyers in that arena.
>
> [snip]
>
> I do not think the IETF should create "Special Names" that conflict
> with the naming process which has been delegated to ICANN.
>
> [snip]
>
> The IETF giving them .onion in
On 09/27/2016 02:37 AM, Warren Kumari wrote:
>
> My opinion really doesn't matter, but I happen to think that, at this
> point, we should evaluate the requested P2P names according to RFC
> 6761 -- you followed the process in effect *at the time*, and jumped
> through many hoops. The process is
On 09/12/2016 11:57 AM, internet-dra...@ietf.org wrote:
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Domain Name System Operations of the IETF.
>
> Title : The ALT Special Use Top Level Domain
>
On 09/21/2016 11:30 PM, George Michaelson wrote:
> None of these named spaces would "fail" to work as sub-spaces of .ALT
> or .arpa or any other community-led IETF tech community managed label.
>
All of them with a requirement for global uniqueness will fail with
.ALT, per .ALT draft. Etc.
>
On 09/22/2016 12:31 AM, George Michaelson wrote:
>
> what community burden is taken in the wide, if a new TLD is
> allocated in 6761 to break out of the DNS.
>
I'm sorry but, what do you mean 'to break out of the DNS'?
==
hk
___
DNSOP mailing list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09/20/2016 08:57 AM, Suzanne Woolf wrote:
>
> In a real sense the question at hand is a very practical one:
> “Which of these documents do you think needs less work?"
>
Having read both drafts, and from the perspective of "Names resolved *
with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09/20/2016 01:33 PM, Stephane Bortzmeyer wrote:
>
> And I'm still not convinced there is a problem to solve
> (unless the real issue is "how to prevent the registration of .gnu and
> .bit?")
>
Even if I supported the SUDN of P2P systems draft
On 02/12/2016 01:48 AM, Suzanne Woolf wrote:
>
> http://datatracker.ietf.org/doc/draft-adpkja-dnsop-special-names-problem/
>
Hello,
This ID seems to require the definition of a new registry, and Section 6
to suggest how this would be used. I think this goes way beyond what
needs to be done in
On 01/28/2016 05:38 PM, Paul Hoffman wrote:
> Suzanne: Since you are one of the BoF initiators here, maybe you can
> clarify a few things.
>
> - How does this relate to the other DNSOP work in this area such as .alt?
>
> - Does this change the work of the 6761bis design team?
>
> - How is it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 11/26/2015 06:38 AM, Mark Nottingham wrote:
>
> Given this context, I was disturbed to hear the design team presentati
on
> in Yokohama
>
So you mean there's an already working team on the revision of RFC6761,
and that team had the time to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 11/04/2015 03:26 AM, Stephane Bortzmeyer wrote:
> On Sun, Nov 01, 2015 at 03:06:04AM -0500,
> Warren Kumari wrote
> a message of 28 lines which said:
>
>> The chairs also asked for volunteers for the design team on October
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09/21/2015 11:50 AM, Edward Lewis wrote:
>
> I think defining -whether- name.onion is a Domain Name will make us
> re-think how Domain Names interoperate amongst protocols beyond the DN
S.
>
Agreed, but why limit to .onion? Can your example
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09/09/2015 05:14 AM, internet-dra...@ietf.org wrote:
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-onion-tld/
>
I welcome the new draft. I must have missed the discussion for this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09/03/2015 11:36 AM, Joel Halpern wrote:
> Actually, DownRef won't cut it as far as I can tell.
>
> The two documents are not stable. As a github reference,
> they are simply "the most current version of foo".
>
Come on, GitHub is a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09/01/2015 07:39 PM, Jacob Appelbaum wrote:
>
> Tor doesn't leak .onions
>
> If the name is reserved and the process is followed, we'll hopefully
> be able to stop most of the leakage in the DNS.
>
One clear example that was documented
On 08/10/2015 01:50 PM, Ted Hardie wrote:
It does a fine job with .example since that's fundamentally
just a reservation, but .onion is showing its warts.
Hi Ted,
I fully agree with Alec, and do not understand how .onion would differ
from .example in that case, especially since as we're
On 07/20/2015 10:34 AM, Eliot Lear wrote:
So... Alec and I did a bit of wordsmithing and what I propose is a
slight clarification on the existing text, based on this exchange, and
here it is:
Like Top-Level Domain Names, .onion addresses can have an arbitrary
number of subdomain
that tor-address also ought to be a normative
reference.
Minor issues: It is not clear that a github reference without version
identification is sufficiently stable for a normative reference from an RFC.
Hi Joel,
hellekin started a discussion on the tor-dev list about getting a URI
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/17/2015 11:20 AM, Eliot Lear wrote:
I have no particular objection to the concept here, but I do have a
question about one sentence in the draft. Section 1 states:
Like Top-Level Domain Names, .onion addresses can have an
arbitrary
On 07/17/2015 11:32 AM, David Conrad wrote:
No. .LOCAL was not already in the root zone. .FOO is.
*** Therefore the .FOO label is not available for Special-Use anymore,
end of story. A Special-Use name cannot be an already registered name in
the root zone.
If you referring to e.g., .corp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/17/2015 07:07 AM, Andrew Sullivan wrote:
On Thu, Jul 16, 2015 at 11:39:24PM -0700, Paul Vixie wrote:
we only need one cutout, something like .external, with an
IANA-maintained registry of non-dns uses, each pointing to an RFC
that
On 07/17/2015 12:17 PM, Eliot Lear wrote:
On Fri, Jul 17, 2015 at 4:20 PM, Eliot Lear l...@cisco.com wrote:
I have no particular objection to the concept here, but I do have a
question about one sentence in the draft. Section 1 states:
Like Top-Level Domain Names, .onion addresses can have
On 07/17/2015 02:57 PM, Paul Vixie wrote:
i would argue, by the way, that onion is a kind of technology, onion
routing, of which Tor is the first and best-known but not the last. so,
i'll prefer .tor.external over .onion.external.
[snip]
compared to alt, yes. note that .external is long
On 07/17/2015 03:10 PM, Paul Vixie wrote:
i apologize for the lack of a pre-existing syntactic framework into
which tor's names could have been encapsulated from the outset. i
apologize even more for the fact that tor's perfectly reasonable request
for .onion is now causing this working
On 07/17/2015 10:41 PM, John Levine wrote:
A mechanical criterion might be observable traffic from at least
100,000 different IP addresses every day for at least 30 days.
That'd be a horrible criterion, not least because it's easy
for a modestly well funded adversary to fake.
*** Also, if
On 07/17/2015 10:39 PM, Ralf Weber wrote:
Am I right that there is leakage of dns requests with
.onion TLDs? If so isn't that a bug in their software?
*** Almost:
1) .onion is not a TLD (sorry, I made the mistake myself to abuse TLD,
although I had defined pTLD for that purpose--as in:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/15/2015 03:55 PM, David Conrad wrote:
I'm intrigued how you derived an insult from my statement
that it was squatting.
I guess that's the proximity of blunt and squatting that gave me
this impression.
You're wrong.
I stand
On 07/15/2015 03:46 PM, Edward Lewis wrote:
What if I copied the onion draft, changed all of the uses of onion to
carrot, and then threw in some supporting documents to describe some
other system that used carrot as it's base identifier? On the heels
of onion's admission to the Special Use
On 07/15/2015 09:42 AM, Edward Lewis wrote:
The document defines the use of the name by referring to a couple of
references, none of which appears to be published in a way that can be
referenced except by URL.
I agree that the URL could be use more foresight, e.g.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/14/2015 11:37 PM, David Conrad wrote:
To put it bluntly, from a certain perspective, 6762 and
dnsop-onion are essentially about the same thing: they are
formalizing squatting on namespace (by Apple in the first
instance and by TOR in the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/08/2015 08:36 AM, Suzanne Woolf wrote:
It further seems to me that an attempt to list names that are
currently in the public root zone or might someday be in the public
root zone has a high risk of being simply backwards if the purpose
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/02/2015 10:05 AM, Edward Lewis wrote:
You're right. To underscore, it's because of the groups that
don't engage, and have no responsibility to do so, that the IETF
has to defend itself.
It wouldn't take much work
Keep in mind that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 06/22/2015 04:21 PM, Tim Wicinski wrote:
While I understand why you feel 2.6 should contain information about
user's privacy, it currently seems to meet the requirements for
[RFC6761].
*** I consider important that readers keep the primary
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 06/20/2015 03:12 PM, internet-dra...@ietf.org wrote:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-onion-tld/
*** 2.3 has a repeat either.
2.6 reads correctly, but the more important reason IMO is the risk of
privacy leak for the user.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/15/2015 08:28 AM, Hugo Maxwell Connery wrote:
Hi,
*** Thank you for this report. I hope to read the minutes soon.
*
I note that you omitted to mention Namecoin and the .BIT pTLD.
*
You wrote, referring to overlay networks: Their
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/13/2015 05:51 PM, John Levine wrote:
which means that ICANN is sitting on $3.7 million in
application fees which they will presumably have to refund, as well as
five withdrawn applications from parties who got partial refunds and
would
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/13/2015 03:05 PM, Andrew Sullivan wrote:
we should not be poaching on turf already handed to someone else.
Managing top-level domains that are intended to be looked up in the
DNS -- even if people expect them to be part of a local root or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/12/2015 03:12 AM, Alec Muffett wrote:
... both Firefox...
One of them - the Tor Browser - is using a SOCKS daemon which knows
that “.onion” is special and shouldn’t be looked up in the public DNS.
*** So in my understanding of the scope
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/12/2015 04:18 AM, Alec Muffett wrote:
On May 12, 2015, at 7:44 AM, hellekin helle...@gnu.org wrote:
*** So in my understanding of the scope boundaries of RFC6761 IANA
considerations, which seems to be the main difference between our
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/12/2015 09:23 AM, Andrew Sullivan wrote:
Is your complaint that appelbaum-dnsop-onion reads to you as though
such special applications are the only way to do this? If so, then
you're right that it needs adjustment.
*** Yes, my concern
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
How does one join the meeting with XMPP?
I confirm that the WebEx software is not compatible with my OS.
==
hk
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQJ8BAEBCgBmBQJVUiIFXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Since Alec Muffett seems to have better things to do, I feel obligated
to do what he should have done before publishing his draft: comparing
the IANA Considerations for .onion in the
draft-grothoff-iesg-special-use-p2p-names-04 (P2PNames) and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/11/2015 08:21 PM, Alec Muffett wrote:
This might be an issue so long as your threat model includes blindly
unaware users who are typing .onion addresses into non-Tor-capable
browsers in the (presumably first-time) expectation that it will
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/08/2015 01:48 PM, David Conrad wrote:
Mark,
home, corp and perhaps mail need special handling if we really
want to not cause problems for those using those tlds internally.
Why?
*** Citing IETF92 slides by Lyman Chapin and Mark
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 05/06/2015 03:07 PM, Suzanne Woolf wrote:
Logistics details will follow shortly, but we have a webex URL
*** As far as I understand, WebEx requires non-free software to work,
which is a problem that will certainly make my participation more
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
The authors of draft-grothoff-iesg-special-use-p2p-names are about to
release a new version of the P2PNames draft that integrates the comments
we've received from the P2P systems community. Unfortunately, the
previous draft didn't receive much
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/23/15 10:31, Andrew Sullivan wrote:
if somehow the onion name leaked and ended up in the DNS, it's not a
big deal
*** Well, although you're right as far as *applications* are concerned,
this is still a big deal because humans are using
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/24/15 20:03, Alec Muffett wrote:
Hi Hellekin!
I would agree that leak avoidance is “a major” rather than “the prime”
point of having .onion reserved as a TLD.
*** Agreed. I came from the privacy side of the arguments, which tends
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/18/15 08:01, Jaap Akkerhuis wrote:
Following this discussion from a distance, I cannot help wondering
whether this is special names stuff might in violate RFC 2860 section 4.3.
*** Assignment of special names belongs to assignment of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/17/15 18:39, Tim Wicinski wrote:
the implications of widening use of RFC 6761.
*** You certainly mean: the implications of using RFC 6761, given that
so far, it's only been used by its creator, Apple Inc. in RFC 6762 (if
6761 itself is not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Do you have feedback on the idea of an interim meeting for DNSOP to address
these drafts in more depth
*** Thank you Suzanne for your clarification.
My only feedback is that such meeting is very welcome. I hope the
discussion will be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/17/15 12:58, David Conrad wrote:
I doubt arguments of this nature are particular helpful.
*** I feel obliged to reflect this to you.
My personal observation is that one of the problems with your draft
*** Maybe you should direct
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 03/16/15 23:20, Paul Wouters wrote:
It seems odd that two documents would be requesting an IANA action for
.onion ?
*** Well yes, it sounds like a mistake to me. But we can also consider
it a god-given gift for people who argued against
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 02/15/15 21:00, Warren Kumari wrote:
draft-grothoff-iesg-special-use-p2p-names-04, Section 3 (Terminology
and Conventions Used in This Document):
The abbreviation pTLD is used in this document to mean a pseudo
Top-Level Domain, i.e., a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 02/05/2015 07:59 PM, Mark Andrews wrote:
But be careful. There be dragons here. Computers updating computers to cont
rol who controls the domains?
Computers update computers all the time. It's about establishing
the right controls.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/25/2015 09:01 PM, Paul Vixie wrote:
get the IETF to recommend to IANA that these names be reserved
*** Yes indeed. Can we get back to the draft-04? It sure will bring up
some interesting if not controversial comments, as some parts
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dear list members,
today the French newspaper Le Monde published information on a secret
NSA program, MORECOWBELL [0], that reveals the agency has been using the
DNS infrastructure to monitor host and website activity across the Internet.
This
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/06/2015 09:42 PM, Rubens Kuhl wrote:
Which perhaps suggests an W3C approach instead of an IETF one ?
httpoo://(ToR identifier) (oo for over onion, although it makes a curious
acronym)
httpob://(name coin address)
*** Our draft is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/07/2015 12:38 AM, Andrew Sullivan wrote:
Some of these proposals are in fact using names in domain name slots
as ways of indicating that the protocol itself ought to be
different. The hint a name below onion is giving is, Not really the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 01/05/2015 03:25 PM, David Conrad wrote:
I think you missed Andrew's point.
*** Thank you David for shedding some light.
All 6 technologies use a string that looks like a domain name
but isn't intended for use in the DNS. Why does it
, and Tor
- - Remove alternate (confusing) use of dot-tld notation
- - Add Leif Ryge as author
- - Integrate community feedback
If you're tweeting, you're welcome to circulate
https://twitter.com/hellekin/status/548082724980797440 and the #P2PNames
hashtag.
Thank you for your attention, and happy birthday
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 11/09/2014 06:35 PM, Phillip Hallam-Baker wrote:
If you want to do anything useful in counter-censorship then you have
to think of using steganography
*** If you use steganography, that probably means you're sending secrets
over a cleartext
for
special use.
The following six domains relate to security-focused peer-to-peer
systems. They are: .gnu, .zkey, .onion, .exit, .i2p, and
.bit.
*
Thank you for your attention and consideration,
Hellekin O. Wolf, editor.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux
66 matches
Mail list logo