As someone with moderate experience in both DNS and web server configuration, 
FWIW I found the meaning relatively obvious. The notion that HTTP Host headers 
might be used to change web server response independent of name resolution 
(e.g. that two names that return identical responses to every possible DNS 
query, but produce different web server responses) has been fairly intrinsic to 
how web servers operate for a couple of decades now, and this seems a simple 
but useful clarification regarding how this operates for .onion names to me.

David

> On 17 Jul 2015, at 11:17 pm, Eliot Lear <l...@cisco.com> wrote:
> 
> Hi Richard,
> 
> Thanks for the explanation.  Please see below.
> 
> On 7/17/15 4:38 PM, Richard Barnes wrote:
>> On Fri, Jul 17, 2015 at 4:20 PM, Eliot Lear <l...@cisco.com> wrote:
>>> I have no particular objection to the concept here, but I do have a
>>> question about one sentence in the draft.  Section 1 states:
>>>>   Like Top-Level Domain Names, .onion addresses can have an arbitrary
>>>>   number of subdomain components.  This information is not meaningful
>>>>   to the Tor protocol, but can be used in application protocols like
>>>>   HTTP [RFC7230].
>>>> 
>>> I honestly don't understand what is being stated here, or why a claim is
>>> made about HTTP at all in this document.  Are we talking about the
>>> common practice of www.example.com == example.com?  And what
>>> significance does that last phrase have to the document?
>> I made a comment on this to the authors earlier, and they decided to
>> leave it as-is :)
>> 
>> The idea is that TOR routing will only use the first label after
>> .onion, but if you're using the .onion name in an application, that
>> application might use the whole name.  For example, if you put
>> "http://mail.example.onion/", TOR will route on "example.onion", but
>> the HTTP Host header might be "mail.example.onion".
>> 
>> -
> 
> I just leave the IESG and WG with the comment that two of us "old
> timers" are trying to divine the meaning of those two sentences, and
> that can't be good for others with (even) less clue.  Personally I think
> the easiest approach is to remove those two sentences, but if others
> really disagree, then a bit more clarity seems in order.
> 
> Eliot
> 
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org <mailto:DNSOP@ietf.org>
> https://www.ietf.org/mailman/listinfo/dnsop 
> <https://www.ietf.org/mailman/listinfo/dnsop>
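
The distinction discussed in this thread, as an added example that is not part of any message or of the draft: Tor routes on the label directly left of `.onion`, while the full name still reaches the application in the HTTP Host header. The function names and the `VHOSTS` table are hypothetical, and the host names are the illustrative ones used in the thread.

```python
from urllib.parse import urlsplit

def split_onion_name(url):
    """Return (name Tor routes on, name sent in the HTTP Host header)."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    if len(labels) < 2 or labels[-1] != "onion" or "" in labels:
        raise ValueError(f"not a .onion name: {host!r}")
    # Only the label directly left of .onion selects the onion service;
    # any further subdomain labels are ignored by Tor.
    routed = ".".join(labels[-2:])
    return routed, host

# Hypothetical virtual-host table on the web server behind example.onion.
VHOSTS = {
    "example.onion": "main site",
    "mail.example.onion": "webmail",
}

def dispatch(host_header):
    """Select a site by Host header; return None for names not configured.

    The header is supplied by the client, so it is matched against an
    explicit table instead of being trusted or echoed back.
    """
    name = host_header.split(":")[0].lower().rstrip(".")  # drop optional port
    return VHOSTS.get(name)

if __name__ == "__main__":
    for url in ("http://example.onion/", "http://mail.example.onion/"):
        routed, host = split_onion_name(url)
        print(f"{url}: Tor routes on {routed}, Host: {host} -> {dispatch(host)}")
```
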
