W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: Browsers and .onion names

From: Adrien de Croy <adrien@qbik.com>
Date: Sat, 28 Nov 2015 23:00:49 +0000
To: "Willy Tarreau" <w@1wt.eu>, "Cory Benfield" <cory@lukasa.co.uk>
Cc: "Jacob Appelbaum" <jacob@appelbaum.net>, "Mark Nottingham" <mnot@mnot.net>, "HTTP Working Group" <ietf-http-wg@w3.org>
Message-Id: <em5f936ca4-77c3-4983-9a2c-12a932351b19@bodybag>

is there also a requirement for sub-domains of .onion to not do things 
like set up MX records and run mail servers?

I can't imagine how many thousands or millions of deployed DNS servers 
and resolvers and other network software out there will happily forward 
.onion lookups.  Good luck to anyone trying to get those redeployed.

It seems to break the principle rule of specs, that is if you don't 
implement it you don't have to implement it.

Requiring someone who isn't implementing a spec to implement the spec is 
not only logically flawed, it's practically flawed and is not a sane 
strategy IMO.  It reminds me of the law the EU passed a while back 
requiring all merchants selling into the EU to collect and remit VAT - 
making extra-judicial laws turning innocent net vendors into your tax 
agent.  A law (since I don't fall under EU jurisdiction) I promptly 
ignored after checking with the NZ ministry.  Tor does not get to have 
jurisdiction over all internet products sorry.

That only really leads to one conclusion and that is that special use 
domains were always a bad idea, and adding more is a worse idea, and 
they should just be deprecated.  I see a lot of DNS lookups for .local 
floating around and it doesn't seem to break anything.

Adrien


------ Original Message ------
From: "Willy Tarreau" <w@1wt.eu>
To: "Cory Benfield" <cory@lukasa.co.uk>
Cc: "Jacob Appelbaum" <jacob@appelbaum.net>; "Mark Nottingham" 
<mnot@mnot.net>; "HTTP Working Group" <ietf-http-wg@w3.org>
Sent: 29/11/2015 11:33:07 a.m.
Subject: Re: Browsers and .onion names

>On Sat, Nov 28, 2015 at 04:59:02PM +0000, Cory Benfield wrote:
>>
>>  > On 28 Nov 2015, at 11:56, Jacob Appelbaum <jacob@appelbaum.net> 
>>wrote:
>>  > We solve a real problem with RFC7686 and browsers, as well
>>  > as other software, have a duty of care to implement the solution.
>>
>>  The browsers part makes sense to me, it really does, and I (and maybe 
>>Willy)
>>  would not have objected in the slightest if this was brought up as a
>>  suggestion instead of what felt like a mandate. I don???t object to 
>>browsers
>>  refusing to process .onion domains, that makes perfect sense. I care 
>>much
>>  more about claiming that the requirement extends to anything that 
>>processes
>>  domain names (your ???other software", even if that application makes 
>>no
>>  claim to support Tor or actively claims it does not.
>(...)
>
>I confirm that it was my point as well. Thanks Cory for making it
>clearer than I did :-)
>
>Willy
>
>
Received on Saturday, 28 November 2015 23:01:25 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC