[tor-talk] ICANN and .onion
A few years ago, ICANN started to accept suggestions for new top-level domain names. A friend recently posted a .onion link to me, and it made me realize that there might be a big problem if a company or organization other than Tor actually registered .onion and made it work in any browser.

1) Have there been any discussions regarding the severity of the problem if it should eventually happen? If so, are the discussions or the result of them available online for reading?

2) Has Tor applied to ICANN about the .onion domain, or discussed the pros and cons of doing this?

I have been out of the Tor loop for a couple of years, so I'm sorry if this topic has come up in previous discussions - regardless, I could not find an answer.

// Anders

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] ICANN and .onion
Anders Andersson:
> A few years ago, ICANN started to accept suggestions for new top-level
> domain names. A friend recently posted a .onion link to me, and it made me
> realize that there might be a big problem if a company or organization
> other than Tor actually registered .onion and made it work in any browser.
>
> 1) Have there been any discussions regarding the severity of the problem if
> it should eventually happen? If so, are the discussions or the result of
> them available online for reading?
>
> 2) Has Tor applied to ICANN about the .onion domain, or discussed the pros
> and cons of doing this?
>
> I have been out of the Tor loop for a couple of years, so I'm sorry if this
> topic has come up in previous discussions - regardless, I could not find an
> answer.
>
> // Anders

Christian Grothoff and others (from GNUnet) wrote about this already last November:
https://lists.torproject.org/pipermail/tor-dev/2013-November/005747.html

I don't know the current status though...

Cheers,
~flapflap
Re: [tor-talk] ICANN and .onion
Anders Andersson:
> A few years ago, ICANN started to accept suggestions for new top-level
> domain names. A friend recently posted a .onion link to me, and it made me
> realize that there might be a big problem if a company or organization
> other than Tor actually registered .onion and made it work in any browser.
>
> 1) Have there been any discussions regarding the severity of the problem if
> it should eventually happen? If so, are the discussions or the result of
> them available online for reading?
>
> 2) Has Tor applied to ICANN about the .onion domain, or discussed the pros
> and cons of doing this?

https://lists.torproject.org/pipermail/tor-dev/2013-November/005747.html

The document actually expired yesterday:
https://tools.ietf.org/html/draft-grothoff-iesg-special-use-p2p-names-02

The last call for review on DNSOP has seen no reaction:
https://www.ietf.org/mail-archive/web/dnsop/current/msg11364.html

I am not familiar enough with IETF processes to know what that means.

--
Lunar
Re: [tor-talk] ICANN and .onion
On Sun, May 18, 2014 at 07:39:24PM +0200, pipat...@gmail.com wrote 0.9K bytes in 0 lines about:
: 2) Has Tor applied to ICANN about the .onion domain, or discussed the pros
: and cons of doing this?

We didn't apply, but when inquiring about it, they wanted us to provide trademark proof (which we have) and prepare to bid $100,000-500,000 for the domain. We can do far better things with that money than get a tld.

--
Andrew
pgp 0x6B4D6475
Re: [tor-talk] ICANN and .onion
> 1) Have there been any discussions regarding the severity of the problem

Seems not much tech issue here, the tor client treats .onion as special and funnels the whole thing to the dht. tor will get a new config bitmap that says 'set priority to resolve .onion in dht or external first, or remain exclusive in one', plus dedicating different sockports / portflags to all those settings. You're protected by circuits so it won't really matter which one you choose. And onions only have fwd 'A' naming semantics. If your queries are heavy or not exclusive tor will end up eating the useless overhead via dht or exits. So try to play nice and stay off the .onion pron sites ok. Users leaking dns / failing to redirect dns into tor is not a tor problem.

> trademark proof (which we have) and prepare to bid $100,000-500,000

Unlikely we'll ever see a return to Postel style grants/reservations even if the UN takes over ICANNt. Likely it'll just not be bought unless some BTC rich cpunk stands up. Remember, this is partly why there are overlay nets, to avoid such stupid hierarchies.

> We can do far better things with that money than get a tld.

That's 2 - 10 happily paid coders hacking for a year. Too bad tld squatting isn't really infringing, you could sue and profit.
Re: [tor-talk] ICANN and .onion
(resent to the list after subscription. Originally Cced to Lunar and draft-grothoff-iesg-special-use-p2p-na...@tools.ietf.org)

On 05/18/2014 04:17 PM, Lunar wrote:
> Anders Andersson:
>> A few years ago, ICANN started to accept suggestions for new top-level
>> domain names. A friend recently posted a .onion link to me, and it made me
>> realize that there might be a big problem if a company or organization
>> other than Tor actually registered .onion and made it work in any browser.
>>
>> 1) Have there been any discussions regarding the severity of the problem if
>> it should eventually happen? If so, are the discussions or the result of
>> them available online for reading?
>>
>> 2) Has Tor applied to ICANN about the .onion domain, or discussed the pros
>> and cons of doing this?
>
> https://lists.torproject.org/pipermail/tor-dev/2013-November/005747.html
>
> The document actually expired yesterday:
> https://tools.ietf.org/html/draft-grothoff-iesg-special-use-p2p-names-02

*** Thank you Lunar for Ccing me. And thank you Anders for your interest. As far as I know the expiration date is set to September 4, 2014, so we still have some time to take comments and brew a new version.

> The last call for review on DNSOP has seen no reaction:
> https://www.ietf.org/mail-archive/web/dnsop/current/msg11364.html
>
> I am not familiar enough with IETF processes to know what that means.

*** The second draft didn't draw much attention from the DNSOP list, where the authors were routed to gather feedback. That draft mainly addressed all criticisms we had received so far, but didn't bring much from the previous one. The current status quo from the IETF so far is that this issue is not a priority. It makes use of RFC6761 to claim special top domain names, but my feeling is that the DNS people would like to see most of "our" issues addressed through DNS itself, and would likely prefer to divide the contents of the RFC into special cases.

There's also discussion to rewrite, or amend history and restrict how RFC6761 can be used to not follow the main IETF process. As we didn't receive any more feedback and still have some time to think, and not much novelty to add to the draft besides removing some repetitions, it's been standing there. So I'd be more than happy if other people would like to review it and pinch the ball.

The issue Anders is concerned about, namely that some entity could reserve .onion and use it against Tor users, is mentioned in the Security Considerations section, as well as 5.3.7 that references SAC45, a previous document that already mentions possibilities of conflicts between DNS, and P2P or private names from a study of DNS root invalid hits.

Please send your comments on the RFC draft to draft-grothoff-iesg-special-use-p2p-na...@tools.ietf.org

Thank you,

==
hk
Re: [tor-talk] ICANN and .onion
On Mon, May 19, 2014 at 7:06 AM, grarpamp wrote:
> Users leaking dns / failing to redirect dns into tor is not a tor problem.

I think that's a rather arrogant point of view. If it was not a Tor problem, .onion would not be needed in the first place. Tor developers do seem to work hard on making it difficult for a user to accidentally leak information, so simply saying that users "failing to redirect dns into tor is not a tor problem" is a little counterproductive.

If someone were to register .onion I see two problems:

1) A malevolent registrar could redirect all .onion lookups to their own proxy, essentially routing all "hidden" traffic through their own machine. At the moment, clicking a .onion link means that it either routes through Tor, or it fails loudly: there's no risk clicking such a link. This behaviour would change to something that either routes through Tor and you're safe, or you think it routes through Tor but it's actually decoded by a third party. I think that's a usability issue, and not something that should simply be ignored. Maybe it's not something that can easily be solved, but that is why there must be a discussion about it. Maybe the only solution is to strongly warn users.

2) Useful websites could actually pop up under .onion, making a plugin that takes over that domain seem intrusive and less attractive. This is less of a problem I think.
Re: [tor-talk] ICANN and .onion
On Mon, May 19, 2014 at 11:24:06AM +0200, pipat...@gmail.com wrote 1.5K bytes in 0 lines about:
: I think that's a rather arrogant point of view. If it was not a Tor
: problem, .onion would not be needed in the first place. Tor developers do
: seem to work hard on making it difficult for a user to accidentally leak
: information, so simply saying that users "failing to redirect dns into tor
: is not a tor problem" is a little counterproductive.

This is a testable problem, right now. Set up your own DNS server, define .onion as a valid TLD, fire up tor, and watch for any and all queries to your custom tld on your dns server. Banks and large enterprises set up custom TLDs all the time for their intranets and internal apps.

--
Andrew
pgp 0x6B4D6475
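The check Andrew describes above, written out as a small log scanner. This is an added example for this thread, not code from Tor or from any list member: it assumes you run your own resolver with query logging enabled and then look for names under .onion in its log. The log lines are constructed samples in the style of BIND 9's query log (timestamp, client address and port, query name, class and type); the .onion names and client addresses in them are made up. Any other resolver's log format can be handled by adapting `QUERY_RE`.

```python
"""Find .onion names that escaped Tor and reached a real DNS resolver.

Added example, not part of the tor-talk thread. Every .onion query that
shows up in a resolver's log is a leak: the name has no DNS record, so the
only correct place for it is the Tor client's SOCKS port.
"""
import re
from collections import Counter

# Constructed sample log (not real traffic), in BIND 9 'queries' channel style.
SAMPLE_LOG = """\
18-May-2014 19:40:01.123 client 192.0.2.10#51234: query: www.example.org IN A + (198.51.100.1)
18-May-2014 19:40:02.456 client 192.0.2.10#51235: query: exampleonionaaaa.onion IN A + (198.51.100.1)
18-May-2014 19:40:03.789 client 192.0.2.11#40001: query: exampleonionaaaa.onion IN AAAA + (198.51.100.1)
18-May-2014 19:40:04.001 client 192.0.2.12#40002: query: mail.example.org IN MX + (198.51.100.1)
18-May-2014 19:40:05.002 client 192.0.2.11#40003: query: anotherexamplehs.ONION. IN A + (198.51.100.1)
18-May-2014 19:40:06.003 client 192.0.2.13#40004: query: onion.example.org IN A + (198.51.100.1)
"""

QUERY_RE = re.compile(
    r"client (?P<client>[0-9a-fA-F.:]+)#\d+"      # source address and port
    r"(?: \([^)]*\))?"                            # optional '(qname)' newer BIND adds
    r": query: (?P<qname>\S+) IN (?P<qtype>\S+)"  # name, class, record type
)


def parse_query_line(line):
    """Return (client, qname, qtype) for a query-log line, or None."""
    m = QUERY_RE.search(line)
    if not m:
        return None
    return m.group("client"), m.group("qname"), m.group("qtype")


def is_onion_name(qname):
    """True when the rightmost label is 'onion', ignoring case and a trailing dot.
    'onion.example.org' is a normal name and must not match."""
    labels = qname.rstrip(".").lower().split(".")
    return labels[-1] == "onion"


def find_onion_leaks(log_text):
    """Every logged query whose name falls under .onion, in log order."""
    leaks = []
    for line in log_text.splitlines():
        parsed = parse_query_line(line)
        if parsed and is_onion_name(parsed[1]):
            leaks.append(parsed)
    return leaks


def leaking_clients(leaks):
    """Count leaked queries per source address: these are the hosts whose
    DNS path is not going through Tor."""
    return Counter(client for client, _, _ in leaks)


if __name__ == "__main__":
    leaks = find_onion_leaks(SAMPLE_LOG)
    for client, qname, qtype in leaks:
        print(f"LEAK  {client:<12} {qtype:<5} {qname}")
    for client, n in leaking_clients(leaks).most_common():
        print(f"{client}: {n} leaked .onion queries")
```

A query for the bare name `onion.` also counts, which is what the root-server measurement linked at the end of this thread is about. Run it against your own resolver's log in place of `SAMPLE_LOG`; a clean Tor setup produces an empty result.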
Re: [tor-talk] ICANN and .onion
On 05/19/2014 06:24 AM, Anders Andersson wrote:
> On Mon, May 19, 2014 at 7:06 AM, grarpamp wrote:
>
>> Users leaking dns / failing to redirect dns into tor is not a tor problem.
>>

*** That is a common technologist / U.S. liberal / libertarian issue to give responsibility to "the user" for "their" "failures" to do anything. The poor-is-lazy argument. But for non-hackers, the reality is that apart from booting Tails and enjoying a proper Tor setup, installing the Tor package on most distros does not come with pre-installed DNS and *will* leak queries by default. So technically, you may argue that it's not Tor's responsibility, and leave it there. But if you're honest you must consider the objectives of the software, and distros, and end-users as being part of the "Tor system".

> I think that's a rather arrogant point of view.

*** And irresponsible as well.

> If someone were to register .onion I see two problems:
>
> 1) A malevolent registrar could redirect all .onion lookups to their own
> proxy, essentially routing all "hidden" traffic through their own machine.

*** That effectively suppresses the anonymization of Tor in that case, against a global adversary that is Not So American and has capacity for eyes around the globe to pin your digital footprint to your ICBM location in real time.

> I think that's a usability issue, and not something that
> should simply be ignored. Maybe it's not something that can easily be
> solved, but that is why there must be a discussion about it. Maybe the only
> solution is to strongly warn users.

*** One complexity factor here is that not all systems resolve names the same way, so you need to figure out from Tor whether the name was resolved securely or not, which is not necessarily doable.

> 2) Useful websites could actually pop up under .onion, making a plugin that
> takes over that domain seem intrusive and less attractive. This is less of
> a problem I think.

*** If useful websites can pop up under .onion, fake copycats can also pop up that will mimic the original target without the user being able to notice due to the natural latency of the Tor network. Then you can't trust Tor anymore to do its job: for an end-user .onion means the site was obtained via the Tor network. If it was not, because a DNS leak brought you to the site via the clear Web, you're done. The only meaningful failure for the leak of .onion to the DNS is loud failure, aka NXDOMAIN, which is why it's technically important that IANA forbids registration of .onion in the first place.

As far as the DNS supporters at IETF are concerned, it should be Tor's responsibility to "use DNS properly" and avoid "integrating top-level domains into the browser's location bar for convenience" (both quotes condensed paraphrases). I guess one of the tasks for the next P2P-Names draft is to properly decouple the DNS issue from the browser-location issue so that .onion is not anymore a DNS-abuse issue, nor a convenience issue, but a strong usability issue.

Aside, a second task is to maintain the cohesion of Tor and non-Tor systems as a single technical non-DNS-based Peer-to-Peer name resolution issue to avoid "special treatment" of minority networks, and ensure a future for a techno-diversity of name resolution systems. Societies of control like to think of their (human) identity systems as definitive, and history tends to consistently prove them wrong. The last thing we want is to force all name resolution into a top-down, non-autonomous technique, administratively-controlled centralized system that prevents better techniques from evolving.

==
hk
Re: [tor-talk] ICANN and .onion
>>> Users leaking dns / failing to redirect dns into tor is not a tor problem.

I'm going to rebut these two replies a bit. TPO makes Tor, the client, and some surrounding tools, and docs, and efforts regarding Tor in the world. It's not Tor's responsibility to somehow reach into users machines, understand all their configs, and magically reconfigure them and all their apps to talk to Tor. Tor provides the client interface, users must get their packets there. Tor does help by providing a wiki/tor-talk/irc/stackX/etc where users can discuss how to do that for their apps/OS. And they do provide TBB. Users can further choose from Tails/Whonix, etc. But ultimately, as with any other tool, it's up to the user, not Tor. I want users at all levels to be able to use tor properly, but the amount of work and handholding is simply outside the scope and capability of TPO.

FWIW, I think out of...
- Developing TBB.
- Spending time to, in fact, say, have the client trigger each OS's routing/filter API into routing everything into tor.
...that it's better that tpo do tbb because tbb tech (and pushing it upstream) is more valuable to the world than turning your box into yet another boring single purpose router brick (that has already been done, and users can customize by using the above resources).

> If it was not a Tor
> problem, .onion would not be needed in the first place.

.onion HS is unrelated to the 'place' of apps 'leaking' dns. The talk of how to handle a day if .onion becomes a non-reserved-for-tor clearnet tld is also separate from that. (Or Tor could simply elect to flag day over to .noino, but that could become an arms race.)

> But for non-hackers, the reality is that apart from booting Tails and
> enjoying a proper Tor setup, installing the Tor package on most distros
> does not come with pre-installed DNS and *will* leak queries by default.

Tor client is not a sysadmin app, so it follows standard models to not go mucking around your system like an SA. That includes pointing the system resolver to DNSPort (which would break everything to go in that default direction), or "come with pre-installed DNS" (daemon and configs presumably).

DNS "leaks" really refer to, and only occur as a result of, apps that fail to send DNS alongside TCP according to an applicable SOCKS5 directive given to them. Or from uncharacterized/unsolved situations with torsocks (due again to apps/system doing odd things). Those, or users simply not configuring things (that do work correctly) into tor properly, are not a tor problem. You have to learn and know what you're doing to use Tor properly, and in a way that suits your setup, it says so right on the tin. Or go for prepackaged TBB, Tails, Whonix.
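The mechanism grarpamp refers to, "send DNS alongside TCP according to an applicable SOCKS5 directive", is the address-type field of the SOCKS5 CONNECT request (RFC 1928): an application that hands the proxy a domain name (ATYP 0x03) lets Tor resolve it inside the circuit, while one that resolves the name itself and sends an IP literal (ATYP 0x01 or 0x04) has already talked to the system resolver. The following is an added example, not code from the thread, from Tor or from torsocks: it encodes both request shapes and classifies captured requests so you can audit what an application actually sends to its SOCKS port. The target names, addresses and the hand-written request bytes are constructed for illustration.

```python
"""Tell whether a SOCKS5 CONNECT delegates name resolution to the proxy.

Added example (not from the tor-talk thread, Tor or torsocks). ATYP 0x03
(domain name) means the proxy resolves; ATYP 0x01/0x04 means the client
already resolved locally, which for a .onion name is exactly the leak.
"""
import ipaddress
import struct
from collections import Counter

SOCKS_VERSION = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04


def build_connect_request(target: str, port: int) -> bytes:
    """Encode VER CMD RSV ATYP DST.ADDR DST.PORT.  A hostname goes out verbatim
    under ATYP 0x03; an IP literal goes out packed under 0x01/0x04."""
    if not 0 <= port <= 0xFFFF:
        raise ValueError("port out of range")
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:                      # not an IP literal: a hostname
        name = target.encode("idna")
        if not 1 <= len(name) <= 255:       # single length octet in the wire format
            raise ValueError("domain name must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    return bytes([SOCKS_VERSION, CMD_CONNECT, 0x00]) + addr + struct.pack("!H", port)


def parse_connect_request(data: bytes) -> dict:
    """Decode a request; rejects truncated or over-long buffers."""
    if len(data) < 4 or data[0] != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 request")
    cmd, atyp = data[1], data[3]
    if atyp == ATYP_DOMAIN:
        if len(data) < 5:
            raise ValueError("truncated domain length")
        addr_start, addr_end = 5, 5 + data[4]
    elif atyp == ATYP_IPV4:
        addr_start, addr_end = 4, 8
    elif atyp == ATYP_IPV6:
        addr_start, addr_end = 4, 20
    else:
        raise ValueError(f"unknown address type {atyp:#x}")
    if len(data) != addr_end + 2:
        raise ValueError("truncated or trailing bytes")
    raw = data[addr_start:addr_end]
    address = raw.decode("idna") if atyp == ATYP_DOMAIN else str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", data[addr_end:addr_end + 2])
    return {"cmd": cmd, "atyp": atyp, "address": address, "port": port}


def classify_request(data: bytes) -> str:
    """'hostname-delegated': the proxy (Tor) resolves, .onion can work.
    'ip-literal': the app resolved locally first, i.e. a DNS leak path."""
    req = parse_connect_request(data)
    if req["cmd"] != CMD_CONNECT:
        return "other-command"
    return "hostname-delegated" if req["atyp"] == ATYP_DOMAIN else "ip-literal"


def audit_requests(requests) -> Counter:
    """Summarise a batch of captured requests by how they resolve names."""
    return Counter(classify_request(r) for r in requests)


if __name__ == "__main__":
    # Constructed requests: a hostname (good), a .onion hostname (good),
    # and a pre-resolved IPv4 literal (the leaking pattern).
    sample = [
        build_connect_request("www.example.org", 443),
        build_connect_request("exampleonionaaaa.onion", 80),
        build_connect_request("198.51.100.7", 443),
    ]
    for r in sample:
        print(f"{classify_request(r):<19} {parse_connect_request(r)}")
    print(audit_requests(sample))
```

A .onion name can only ever arrive at Tor under ATYP 0x03: it has no DNS record, so an application on the ip-literal path would have either failed with NXDOMAIN or, worse, shipped the name to a resolver first. That is why the "ip-literal" count in an audit of a Tor-bound application is the number worth driving to zero, and why a proxy library's equivalent of curl's `socks5h://` (proxy-side resolution) rather than `socks5://` (local resolution) matters.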
Re: [tor-talk] ICANN and .onion
> Users leaking dns / failing to redirect dns into tor is not a tor problem.

https://www.verisigninc.com/assets/labs/Measuring-the-Leakage-of-Onion-at-the-Root.pdf