Re: [DNSOP] Adoption and Working Group Last Call for draft-appelbaum-dnsop-onion-tld

"Joe Abley" <jabley@hopcount.ca> Thu, 21 May 2015 17:15 UTC

From: Joe Abley <jabley@hopcount.ca>
To: Bob Harold <rharolde@umich.edu>
Date: Thu, 21 May 2015 13:15:08 -0400
Message-ID: <BA01F358-1B71-44D0-AD83-B13AC9813214@hopcount.ca>
In-Reply-To: <CA+nkc8C+VpTeoLvgkum1S6GJJPWFRE3Hxk-RLB4UwuCWa149_w@mail.gmail.com>
References: <555CC061.7040109@gmail.com> <5A8378EF-97B3-44AE-B6E7-4873D68B18F6@hopcount.ca> <CA+nkc8C+VpTeoLvgkum1S6GJJPWFRE3Hxk-RLB4UwuCWa149_w@mail.gmail.com>
Cc: dnsop <dnsop@ietf.org>

Hi Bob,

On 21 May 2015, at 12:55, Bob Harold wrote:

> The "onion.eff.org" idea only solves half of the problems - it would
> prevent others from using the domain for something else, but it fails
> to provide the required privacy - part of the requirement is that the
> onion names NOT be sent to DNS servers at all, for privacy.

Ted's comment about the mutability of a domain that might expire vs. the 
requirements of a protocol registration resonated strongly with me. I 
agree with him; I think my "onion.eff.org" thinking was inadequate.

To your point though, I don't think we can ever practically prevent a 
query being sent to the DNS. There are no controls available to us that 
would allow us to do that.


Joe
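An added example, not code from the draft or from anyone in this thread: Joe's last point is that nothing at the protocol level stops a stray .onion query from reaching a resolver, so the practical fallback for a resolver operator is to notice when it happens. The script below scans constructed, BIND-style query-log lines (the log layout and the .onion label are assumptions) and flags any query whose rightmost label is "onion". It normalizes case and the trailing root dot, and it does not flag "onion.eff.org", which is an ordinary name under .org rather than a name under the special-use TLD the draft asks to keep out of the DNS.

```python
import re
from collections import Counter

# Constructed sample in a BIND-style query-log layout (an assumption; the
# thread shows no log format). The sixteen-character .onion label is made up.
SAMPLE_LOG = """\
21-May-2015 13:15:08.001 client 192.0.2.10#53211: query: www.example.com IN A + (198.51.100.1)
21-May-2015 13:15:08.002 client 192.0.2.11#40110: query: abcdefghijklmnop.ONION IN A + (198.51.100.1)
21-May-2015 13:15:08.003 client 192.0.2.11#40111: query: abcdefghijklmnop.onion. IN AAAA + (198.51.100.1)
21-May-2015 13:15:08.004 client 192.0.2.13#40112: query: onion.eff.org IN A + (198.51.100.1)
21-May-2015 13:15:08.005 client 192.0.2.10#53212: query: notonion. IN A + (198.51.100.1)
"""

# Pulls client address, queried name and query type out of one log line.
QUERY_RE = re.compile(
    r"client (?P<client>[0-9a-fA-F.:]+)#\d+: query: (?P<name>\S+) IN (?P<qtype>\S+)"
)


def normalize_name(name):
    """Canonicalize a DNS name: drop the trailing root dot, lower-case it
    (DNS names compare case-insensitively)."""
    return name.rstrip(".").lower()


def is_onion_name(name):
    """True when the rightmost label is 'onion', i.e. the name sits under
    the .onion TLD. 'onion.eff.org' and 'notonion' are not under .onion."""
    labels = normalize_name(name).split(".")
    return labels[-1] == "onion"


def find_onion_leaks(log_text):
    """Parse query-log lines and return those that carry a .onion name."""
    leaks = []
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue  # not a query line (or a layout we do not parse); skip
        if is_onion_name(m.group("name")):
            leaks.append({
                "client": m.group("client"),
                "name": normalize_name(m.group("name")),
                "qtype": m.group("qtype"),
            })
    return leaks


def leaks_per_client(leaks):
    """Count leaked queries per client address, which points at the hosts
    whose local configuration lets .onion names escape to the resolver."""
    return Counter(leak["client"] for leak in leaks)


if __name__ == "__main__":
    found = find_onion_leaks(SAMPLE_LOG)
    for leak in found:
        print(f"{leak['client']} leaked {leak['name']} ({leak['qtype']})")
    print(leaks_per_client(found))
```

On the sample above only the two queries from 192.0.2.11 are reported; the "onion.eff.org" line is left alone, which is exactly the distinction the thread is drawing between a registered domain and a protocol-reserved TLD.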