- From: Adrien de Croy <adrien@qbik.com>
- Date: Sat, 28 Nov 2015 23:00:49 +0000
- To: "Willy Tarreau" <w@1wt.eu>, "Cory Benfield" <cory@lukasa.co.uk>
- Cc: "Jacob Appelbaum" <jacob@appelbaum.net>, "Mark Nottingham" <mnot@mnot.net>, "HTTP Working Group" <ietf-http-wg@w3.org>
is there also a requirement for sub-domains of .onion to not do things like set up MX records and run mail servers? I can't imagine how many thousands or millions of deployed DNS servers and resolvers and other network software out there will happily forward .onion lookups. Good luck to anyone trying to get those redeployed. It seems to break the principle rule of specs, that is if you don't implement it you don't have to implement it. Requiring someone who isn't implementing a spec to implement the spec is not only logically flawed, it's practically flawed and is not a sane strategy IMO. It reminds me of the law the EU passed a while back requiring all merchants selling into the EU to collect and remit VAT - making extra-judicial laws turning innocent net vendors into your tax agent. A law (since I don't fall under EU jurisdiction) I promptly ignored after checking with the NZ ministry. Tor does not get to have jurisdiction over all internet products sorry. That only really leads to one conclusion and that is that special use domains were always a bad idea, and adding more is a worse idea, and they should just be deprecated. I see a lot of DNS lookups for .local floating around and it doesn't seem to break anything. Adrien ------ Original Message ------ From: "Willy Tarreau" <w@1wt.eu> To: "Cory Benfield" <cory@lukasa.co.uk> Cc: "Jacob Appelbaum" <jacob@appelbaum.net>; "Mark Nottingham" <mnot@mnot.net>; "HTTP Working Group" <ietf-http-wg@w3.org> Sent: 29/11/2015 11:33:07 a.m. Subject: Re: Browsers and .onion names >On Sat, Nov 28, 2015 at 04:59:02PM +0000, Cory Benfield wrote: >> >> > On 28 Nov 2015, at 11:56, Jacob Appelbaum <jacob@appelbaum.net> >>wrote: >> > We solve a real problem with RFC7686 and browsers, as well >> > as other software, have a duty of care to implement the solution. >> >> The browsers part makes sense to me, it really does, and I (and maybe >>Willy) >> would not have objected in the slightest if this was brought up as a >> suggestion instead of what felt like a mandate. I don???t object to >>browsers >> refusing to process .onion domains, that makes perfect sense. I care >>much >> more about claiming that the requirement extends to anything that >>processes >> domain names (your ???other software", even if that application makes >>no >> claim to support Tor or actively claims it does not. >(...) > >I confirm that it was my point as well. Thanks Cory for making it >clearer than I did :-) > >Willy > >
Received on Saturday, 28 November 2015 23:01:25 UTC