Re: [DNSOP] [Gen-art] review: draft-ietf-dnsop-onion-tld-00

2015-07-19 Thread Tom Ritter
On 18 July 2015 at 04:25, Joel M. Halpern wrote: > Major issues: It seems to this reviewer that at least the definition of how > to use these names, reference tor-rendezvous, needs to be a normative > reference. It appears likely that tor-address also ought to be a normative > reference. > > Mino

Re: [DNSOP] Last Call: (The .onion Special-Use Domain Name) to Proposed Standard

2015-07-16 Thread Tom Ritter
On 16 July 2015 at 00:44, Joe Hildebrand wrote: > I don't see any mention of the CAB Forum stuff in the draft. Has anyone > done the analysis to see if CAB Forum members really will issue certs to > .onion addresses if we do this? Do they issue certs for .example or .local > today? Not only wil

Re: [DNSOP] Want to join the IETF 93 Hackathon to work on DNSSEC, DANE or DNS Privacy?

2015-07-02 Thread Tom Ritter
As an idea: some months ago dkg looked at hooking up unbound to an upstream resolver over TCP/TLS. It works, but it isn't ideal right now. Our findings: A) client and server together negotiate TLS 1.2 (that's good!) B) client doesn't appear to even try to validate the certificate C) client do

Re: [DNSOP] Adoption and Working Group Last Call for draft-appelbaum-dnsop-onion-tld

2015-06-15 Thread Tom Ritter
On 23 May 2015 at 09:35, Richard Barnes wrote: > tl;dr: Ship it. ++ Nits: - Noted for the first time that the IETF boilerplate uses the Oxford comma. (I like the Oxford comma, but it seems most don't.) - "visually or apparently semantically similar to the desired service" - not sure what "or a

Re: [DNSOP] Adoption and Working Group Last Call for draft-appelbaum-dnsop-onion-tld

2015-05-21 Thread Tom Ritter
I've read, I support, I will continue to read and contribute. -tom

Re: [DNSOP] followup and proposed actions: RFC 6761 interim and next steps

2015-05-20 Thread Tom Ritter
On 20 May 2015 at 10:54, John Levine wrote: >>Because (AIUI) DBOUND is intended to specify security-relevant zone cuts >>*in DNS* using it to specify names that are reserved in DNS but not _in_ >>DNS might come out a little weird... but it seems like the most relevant >>place to at least take the

Re: [DNSOP] followup and proposed actions: RFC 6761 interim and next steps

2015-05-20 Thread Tom Ritter
On 5/19/15 5:18 PM, Suzanne Woolf wrote: > 4. It's been pointed out that the maintenance of the special use names > registry is complicated by the fact that people used to be able to > assume the root zone was relatively stable, and this assumption has > become less defensible. (ICANN is not curren

Re: [DNSOP] A comparison of IANA Considerations for .onion

2015-05-12 Thread Tom Ritter
On 12 May 2015 at 07:23, Andrew Sullivan wrote: > If the Tor Browser has its own resolver that is used just by it and > that is not a separate service installed with the expectation that > other clients will use it, then it seems to me the built-in Tor > resolver is part of the application, even i

Re: [DNSOP] discussion for draft-appelbaum-dnsop-onion-tld-00.txt

2015-03-17 Thread Tom Ritter
On 17 March 2015 at 10:49, David Conrad wrote: >> On 17 March 2015 at 10:36, David Cake wrote: >> >> I'm generally in favour of this proposal. > > +1 I also support this draft. CA issuance for .onion post-October is dependent on this draft, and external reliance on an RFC (or lack of RFC) by so