Re: [DNSOP] Adoption and Working Group Last Call for draft-appelbaum-dnsop-onion-tld

"Joe Abley" <jabley@hopcount.ca> Wed, 20 May 2015 17:55 UTC

From: Joe Abley <jabley@hopcount.ca>
To: Tim Wicinski <tjw.ietf@gmail.com>
Date: Wed, 20 May 2015 13:55:11 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/8x522tdE01T0UY6X6Dry4TuIctw>
Cc: dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Adoption and Working Group Last Call for draft-appelbaum-dnsop-onion-tld

On 20 May 2015, at 13:12, Tim Wicinski wrote:

> The draft can be found here:
>
> https://datatracker.ietf.org/doc/draft-appelbaum-dnsop-onion-tld/
>
> https://tools.ietf.org/html/draft-appelbaum-dnsop-onion-tld-01
>
> Please review the draft and offer relevant comments.

I have read this document. I support its adoption by the working group.
I am willing to review future revisions of the draft, and to contribute 
text if that seems useful.

The document uses the phrase "top-level domain" all over the place to 
describe .onion. That phrase to me seems indelibly linked to its meaning 
in the context of the DNS; in the case of Tor, however, we're not 
talking about the DNS at all, but rather the use of a completely 
separate namespace that just happens to be syntactically equivalent to 
DNS names.

The purpose of the document should not be to create a top-level domain 
in the usual/DNS sense; rather it's to prevent such a top-level domain 
(i.e. a delegation from the root zone for the owner name "onion") from 
ever existing, since that would make things confusing for applications.

I support the idea that the running code evident in the Tor network
should properly trump any process or policy that would otherwise make it 
difficult to make the DNS-specific recommendations on resolvers and the 
root zone encapsulated here. I just think the different contexts should 
be more clearly delineated.

I would also support (as I have heard others say before, and as I think 
I have also said) a separate document that provides advice to anybody 
else planning to deploy code that uses a DNS-like namespace that is not 
the DNS. Such people should either make their names unambiguously 
different from those used in the DNS, or should anchor them somewhere 
else in the namespace where defensive registrations in the DNS are less 
contentious. For example, if the Tor project had used "onion.eff.org" 
instead of "onion", we would not be having this conversation. Making 
such guidance available would make it far easier to deal with the future 
possibility that a decision with "onion" would set an unfortunate 
precedent.

Note that I am definitively not criticising the Tor project for their 
choices back at a time when there was no such guidance available. I 
think they are all to be congratulated for causing us this headache, 
since at its core that headache is a symptom of their success in
enhancing the privacy and freedom of everybody who uses their software.


Joe