W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: Browsers and .onion names

From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Sat, 28 Nov 2015 18:24:07 -0700
To: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <565A53B7.6010008@measurement-factory.com>
On 11/25/2015 10:29 PM, Mark Nottingham wrote:

> Now that we have RFC7686, there's a new requirement applicable to HTTP clients:

That requirement is for RFC 7686 applications, not HTTP applications. If
some HTTP applications decide to comply with RFC 7686, then they may do
so, of course, but that decision has pretty much nothing to do with HTTP.

Proof: If the requirement were to apply to all HTTP clients, RFC 7686
would have been marked as "updating" HTTP (and 100s of other protocols
with RFCs).

The discussion should probably stop here because the problems with that
RFC are not related to HTTP.

> Is this just a misunderstanding about the word "use" [...]?


> I (and I think most others) read that as being in the context of the
> operation of the DNS protocol (given the nature of the registry).

Is routing all HTTP requests for .onion URLs to a
big-brother.example.com HTTP proxy considered "use", even if there are
no DNS operations involved?

Is logging details of all HTTP requests for .onion URLs in a special
NFS-mounted big-brother.log file considered "use", even if there is no
DNS operations involved?

AFAICT, given the presumed nature of the problem, RFC 7686 ought to
cover any sharing of the domain name with services outside application
control (including log processing services, some HTTP peers, and DNS
servers). DNS lookup is just one [common] example of using such services.

Received on Sunday, 29 November 2015 01:24:38 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC