[tor-dev] Proposal 274: A Name System API for Tor Onion Services
teor
teor2345 at gmail.com
Wed Jan 18 05:13:44 UTC 2017
> On 12 Oct 2016, at 09:29, Jesse V <kernelcorn at torproject.org> wrote:
>
> On 10/11/2016 12:53 AM, Jeremy Rand wrote:
>> It's also worth noting that it's been hard enough to get IETF to accept
>> .bit (that effort stalled) -- adding a bunch of other TLD's would
>> probably annoy IETF significantly (and destroy whatever good will exists
>> at IETF right now), and I fully understand why this would annoy them.
>>
>> I'm not really sure what the right mechanism is for a user to specify "I
>> want this request to either use TLS or be resolved to a .onion record"
>> (which seems to be the primary use case here). Does anyone have
>> suggestions?
>
> As I understand it, the spirit of the naming system API is to resolve
> $meaningfulName to $randomAddress.onion. It seems pretty clear its
> focused on A records, but the naming system can support subdomains and
> CNAME records if it likes. My approach with OnioNS is to simply use a
> none-ICANN TLD, which is currently ".tor". There's a Trac ticket on
> which TLD I should use, but it seems most intuitive to use something
> obvious. Someone suggested that we continue to use .onion, but anything
> that isn't 16 chars of base32 should be resolving using the naming
> system. That seems like it would be more confusing. A new TLD seems more
> intuitive.
Yes, and re-using .onion would make (some) 32-character names invalid,
and post prop-224, (some) 53?-character names invalid as well.
This is an undesirable property.
I can also imagine attacks taking advantage of this confusion.
T
--
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20170118/ef7c8928/attachment-0001.sig>
More information about the tor-dev
mailing list