Please do not put words in my mouth.  They're important but they're not a
DNS problem.

I think reasonable people might disagree?

Not really.  It's a layering issue.

In my view the DNS has a critical flaw: it does not provide query privacy.

It can't be a critical flaw -- if it were we'd consider the DNS to be
broken and we wouldn't be using it.  It's certainly true that people
are using the DNS in environments that nobody imagined in the 1980s,
and some of those environments have desiderata like query privacy
that DNS classic doesn't.

Also please keep in mind that we're having this discussion because of
design tradeoffs in the implementation of Tor.  If they'd made onion a
URI scheme rather than a pseudo-domain, onion://blah rather than
http://blah.onion, there'd be no leakage problem since browsers that
don't know about onion: would just reject them.  Using a pseudo-domain
made it possible to put the Tor implementation into a SOCKS proxy
which made the implementation a lot easier, but created the leakage
problem.

While I have a great deal of sympathy for the goals of the Tor
project, I do not think it is solely up to us to protect them and
their users from the consequences of their design tradeoffs.

Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop