On 7/18/15, 3:39, "DNSOP on behalf of Ralf Weber" wrote:
>I'm ok with .onion being
>a special name, but we should just do that by normal DNS
>mechanism. What's wrong with answering REFUSED? Answering
>NXDomain is much harder in a DNSSEC world.
If "onion" is not delegated in the root zone, then D
On 7/18/15 12:16 AM, Ted Lemon wrote:
> On 07/17/2015 01:35 AM, David Conrad wrote:
>> To be honest, I doubt this. It assumes folks who are developing
>> these non-DNS protocols know/care about what the IETF thinks.
> I suspect that more do than you think. However, what they think
> about the I
On 07/17/2015 10:41 PM, John Levine wrote:
>
> A mechanical criterion might be "observable traffic from at least
> 100,000 different IP addresses every day for at least 30 days."
> That'd be a horrible criterion, not least because it's easy
> for a modestly well funded adversary to fake.
>
*** Al
On 07/17/2015 10:39 PM, Ralf Weber wrote:
>
> Am I right that there is leakage of dns requests with
> .onion TLDs? If so isn't that a bug in their software?
>
*** Almost:
1) .onion is not a TLD (sorry, I made the mistake myself to abuse TLD,
although I had defined pTLD for that purpose--as in: p
>> With all due respect, this is a classic mistake that geeks make: thinking
>> that there can be some objective criterion or
>set of criteria that would make decisions simple. ...
>As I've said several times, I believe there are objective criteria that would
>cover the majority of cases. ...
P
Moin!
On 17 Jul 2015, at 8:00, Hugo Maxwell Connery wrote:
> For those who are trying to provide their comments to the
> 6761 discussions, I highly recommend:
>
> 1. go to https torproject org and download the client
> 2. Have wireshark / ethereal
> 3. Start 2 and then 3 and see what happens on
On 07/17/2015 07:10 PM, David Conrad wrote:
> Oh, and what "non-objective" criteria would those be?
The ones in the special-names RFC, which the author and the working
group apparently considered sufficient. Which, I am afraid, contradicts
the point you were making about how we can have incomple
Ted,
On Jul 18, 2015, at 12:16 AM, Ted Lemon wrote:
> With all due respect, this is a classic mistake that geeks make: thinking
> that there can be some objective criterion or set of criteria that would make
> decisions simple. The reality is that to make criteria of this sort
> objective wou
On 07/17/2015 01:35 AM, David Conrad wrote:
> To be honest, I doubt this. It assumes folks who are developing these non-DNS
> protocols know/care about what the IETF thinks.
I suspect that more do than you think. However, what they think about
the IETF is that we have a very heavyweight process,
>That was exactly the draft I was thinking about David. But it does not
>address Paul's quest for one RFC per mapping, as
>.alt has no registry.
>
>I do think the path forward is one cutout (my opinion only)
The absence of a registry is a feature. Or if there is an IANA
registry, it should be
On 07/17/2015 01:17 PM, Rubens Kuhl wrote:
> I personally have no position whether we shut the door before or after .ONION;
> there is already a number of names in this category so if .onion was the first
> I would strongly oppose its adoption, but since it's not, it doesn't care for
> the scale probl
> On 17/07/2015, at 17:08:000, Ted Lemon wrote:
>
> On 07/17/2015 12:40 PM, Rubens Kuhl wrote:
>> - Deprecating that part of RFC6761 that allowed the .ONION request, shutting
>> this door;
> This would likely result in Warren's draft never getting consensus, so be
> careful what you ask f
On 07/17/2015 12:40 PM, Rubens Kuhl wrote:
> - Deprecating that part of RFC6761 that allowed the .ONION request, shutting
> this door;
This would likely result in Warren's draft never getting consensus, so
be careful what you ask for. If you want to make this change, it would
be better to do it
On 07/17/2015 03:10 PM, Paul Vixie wrote:
>
> i apologize for the lack of a pre-existing syntactic framework into
> which tor's names could have been encapsulated from the outset. i
> apologize even more for the fact that tor's perfectly reasonable request
> for .onion is now causing this working
>
>> More seriously, does that mean you're opposing the .onion draft, or are
>> you simply drifting away to the later work on RFC6761bis? I'm asking
>> because the authors requested .onion, not .tor, nor .tor.alt, nor
>> .tor.external.
>
> by 6761, .ONION is a valid request and your papers are i
+1
The issue not being with ONION per se, but with the .CARROTs and the
.FOOs of the future, having a reserved TLD/namespace with a registry
along with a well defined process on how to do reserve names should be
the way to go.
We also need to close the doors to those who decide to ignore wha
hellekin wrote:
> On 07/17/2015 02:57 PM, Paul Vixie wrote:
>> i would argue, by the way, that "onion" is a kind of technology, onion
>> routing, of which Tor is the first and best-known but not the last. so,
>> i'll prefer .tor.external over .onion.external.
>>
>> [snip]
>>
>> compared to alt, y
On 07/17/2015 02:57 PM, Paul Vixie wrote:
>
> i would argue, by the way, that "onion" is a kind of technology, onion
> routing, of which Tor is the first and best-known but not the last. so,
> i'll prefer .tor.external over .onion.external.
>
> [snip]
>
> compared to alt, yes. note that .external
hellekin wrote:
> On 07/17/2015 07:07 AM, Andrew Sullivan wrote:
> > On Thu, Jul 16, 2015 at 11:39:24PM -0700, Paul Vixie wrote:
> >> we only need one cutout, something like .external, with an
> >> IANA-maintained registry of non-dns uses, each pointing to an RFC
> >> that describes as much as
i think that deep discussion over whether .external is the right exit
gateway from dns naming is premature, and that we should first decide
whether a single exit gateway is preferred, and whether IANA should
craft a registry of external-to-the-dns uses of the internet name space.
i am in favour of
On 07/17/2015 12:17 PM, Eliot Lear wrote:
>> On Fri, Jul 17, 2015 at 4:20 PM, Eliot Lear wrote:
>>> I have no particular objection to the concept here, but I do have a
>>> question about one sentence in the draft. Section 1 states:
Like Top-Level Domain Names, .onion addresses can have an
Stephane,
On Jul 17, 2015, at 4:23 PM, Stephane Bortzmeyer wrote:
>> I agree on the need for less friction, hence my interest in trying
>> to find objective criteria. Lack of objective criteria pretty much
>> guarantees the same sort of discussion and 'heavy process' you're
>> complaining about.
Hi Richard,
Thanks for the explanation. Please see below.
On 7/17/15 4:38 PM, Richard Barnes wrote:
> On Fri, Jul 17, 2015 at 4:20 PM, Eliot Lear wrote:
>> I have no particular objection to the concept here, but I do have a
>> question about one sentence in the draft. Section 1 states:
>>>
For those who are trying to provide their comments to the
6761 discussions, I highly recommend:
1. go to https torproject org and download the client
2. Have wireshark / ethereal
3. Start 2 and then 3 and see what happens on the wire.
You can also access all of the design discussion and materi
On 07/17/2015 11:32 AM, David Conrad wrote:
>
> No. .LOCAL was not already in the root zone. .FOO is.
>
*** Therefore the .FOO label is not available for Special-Use anymore,
end of story. A Special-Use name cannot be an already registered name in
the root zone.
If you are referring to e.g., .corp t
Hi David,
Sorry, comments here, rather than in context:
Yes, the challenge is getting 6761 strings into the resolvers. If this is not
achieved, it largely nullifies the efforts, from a privacy perspective,
though it does enable the certificate issue. I suggest that the first,
privacy, is the ma
On 07/17/2015 11:20 AM, Eliot Lear wrote:
> I have no particular objection to the concept here, but I do have a
> question about one sentence in the draft. Section 1 states:
>>Like Top-Level Domain Names, .onion addresses can have an
>>arbit
On Fri, Jul 17, 2015 at 4:20 PM, Eliot Lear wrote:
> I have no particular objection to the concept here, but I do have a
> question about one sentence in the draft. Section 1 states:
>>Like Top-Level Domain Names, .onion addresses can have an arbitrary
>>number of subdomain components. T
Stephane,
On Jul 17, 2015, at 4:17 PM, Stephane Bortzmeyer wrote:
>> Well, even worse, what happens if decides
>> to create a new dns-like protocol that uses .foo, does that mean
>> that we should automatically block it?
>
> No need to speculate about "what happens". It already happened, the
>
Hugo,
On Jul 17, 2015, at 4:03 PM, Hugo Maxwell Connery wrote:
> The goal here from the non-DNS people seems to be to have DNS type labels
> (thus URI's)
> which are known to the recursive and authoritative resolvers to be outside of
> DNS.
That appears to be the goal of some folks, however th
On Fri, Jul 17, 2015 at 07:35:47AM +0200,
David Conrad wrote
a message of 73 lines which said:
> It assumes folks who are developing these non-DNS protocols
> know/care about what the IETF thinks.
It is reasonable to assume that many of them do not even know that the
IETF exists. We should th
On 7/17/15 7:13 AM, Stephane Bortzmeyer wrote:
> On Wed, Jul 15, 2015 at 06:17:54PM +,
> Edward Lewis wrote
> a message of 148 lines which said:
>
>> URLs are nice for giving a reference, but there's still a need to curate
>> the data. In particular, what if the torproject.org name regist
I have no particular objection to the concept here, but I do have a
question about one sentence in the draft. Section 1 states:
>Like Top-Level Domain Names, .onion addresses can have an arbitrary
>number of subdomain components. This information is not meaningful
>to the Tor protocol
On Wed, Jul 15, 2015 at 02:22:58PM -0700,
Francisco Obispo wrote
a message of 48 lines which said:
> Well, even worse, what happens if decides
> to create a new dns-like protocol that uses .foo, does that mean
> that we should automatically block it?
No need to speculate about "what happens"
On Wed, Jul 15, 2015 at 12:35:12PM -0700,
Francisco Obispo wrote
a message of 207 lines which said:
> We are trying to mitigate against unknowns and perhaps the best
> solution is to have the TOR folks apply for .ONION on the next round
> of TLD application and get a fully qualified delegation
On Wed, Jul 15, 2015 at 06:17:54PM +,
Edward Lewis wrote
a message of 148 lines which said:
> URLs are nice for giving a reference, but there's still a need to curate
> the data. In particular, what if the torproject.org name registration
> expires and is bought by someone else?
Nothing
On Wed, Jul 15, 2015 at 04:36:54PM +,
Wiley, Glen wrote
a message of 144 lines which said:
> I'd like to suggest something like this:
>
> (a) An adjective to describe a name server whose name is either
> subordinate to or (rarely) the same as the zone origin. In-
> bailiwick name servers r
Hi,
I am interested by the .a to .z, .alt and .external discussion.
The goal here from the non-DNS people seems to be to have DNS type labels (thus
URI's)
which are known to the recursive and authoritative resolvers to be outside of
DNS.
If it is known that .a to .z are such; why were they no
On 7/16/15 9:04 AM, Richard Barnes wrote:
> On Thu, Jul 16, 2015 at 12:44 AM, Joe Hildebrand wrote:
>> On 15 Jul 2015, at 5:37, David Conrad wrote:
>>
>>> I try to be pragmatic. Given I do not believe that refusing to put ONION
>>> in the special names registry will stop the use of .ONION, the siz
On 7/15/15 10:16 AM, Ted Lemon wrote:
>> I'm agreeing with Ted in that this application is insufficient.
>
> Whoa there, cowboy! I didn't say it was insufficient. I proposed
> changes to the text that I think would result in it better expressing
> what I think was intended.
I can see some exp
On 7/16/15 6:44 AM, Warren Kumari wrote:
> On Thu, Jul 16, 2015 at 2:23 PM, Andrew Sullivan
> wrote:
>> On Thu, Jul 16, 2015 at 01:30:03PM +0200, Warren Kumari wrote:
>>> We shouldn't be figuring out how useful a WG is by the number of
>>> documents published, but I don't think DNSOP is still whe
+1 on support
On Thu, Jul 16, 2015 at 9:57 AM, Tom Ritter wrote:
> On 16 July 2015 at 00:44, Joe Hildebrand wrote:
>> I don't see any mention of the CAB Forum stuff in the draft. Has anyone
>> done the analysis to see if CAB Forum members really will issue certs to
>> .onion addresses if we do
On 07/17/2015 07:07 AM, Andrew Sullivan wrote:
> On Thu, Jul 16, 2015 at 11:39:24PM -0700, Paul Vixie wrote:
>> we only need one cutout, something like .external, with an
>> IANA-maintained registry of non-dns uses, each pointing to an RFC
>> that de
Paul,
On Jul 17, 2015, at 9:51 AM, Paul Vixie wrote:
> yes, but not with .ALT, which is a politically desirable gTLD name, and
> which allows the connotation of "alternate DNS". i suggested .EXTERNAL
> because nobody will ever want it as a gTLD and because its connotation
> is unambiguously "not
On Thu, Jul 16, 2015 at 11:39:24PM -0700, Paul Vixie wrote:
> we only need one cutout, something like .external, with an
> IANA-maintained registry of non-dns uses, each pointing to an RFC that
> describes as much as is possible to describe about that use.
Why is an IANA-maintained registry a good
On Fri, Jul 17, 2015 at 12:51:05AM -0700, Paul Vixie wrote:
>
> yes, but not with .ALT, which is a politically desirable gTLD name, and
> which allows the connotation of "alternate DNS". i suggested .EXTERNAL
> because nobody will ever want it as a gTLD and because its connotation
> is unambiguous
On 7/16/15 8:20 AM, Ted Lemon wrote:
> On 07/15/2015 02:45 PM, Francisco Obispo wrote:
>> It doesn’t feel right to me rewarding bad behavior.
> I don't think it's fair to characterize this as "bad behavior." It is
> completely unsurprising behaviour, as I explained in some detail in a
> previous
David Conrad wrote:
> Paul,
>
> On Jul 17, 2015, at 8:39 AM, Paul Vixie wrote:
>> we only need one cutout, something like .external, with an
>> IANA-maintained registry of non-dns uses, each pointing to an RFC that
>> describes as much as is possible to describe about that use.
>
> You mean like
From my high tech gadget
> On Jul 17, 2015, at 09:04, David Conrad wrote:
>
> Paul,
>
>> On Jul 17, 2015, at 8:39 AM, Paul Vixie wrote:
>> we only need one cutout, something like .external, with an
>> IANA-maintained registry of non-dns uses, each pointing to an RFC that
>> describes as muc
Paul,
On Jul 17, 2015, at 8:39 AM, Paul Vixie wrote:
> we only need one cutout, something like .external, with an
> IANA-maintained registry of non-dns uses, each pointing to an RFC that
> describes as much as is possible to describe about that use.
You mean like http://tools.ietf.org/html/draft