Re: [DNSOP] Adoption and Working Group Last Call for draft-appelbaum-dnsop-onion-tld

Ted Lemon <Ted.Lemon@nominum.com> Thu, 21 May 2015 17:46 UTC

From: Ted Lemon <Ted.Lemon@nominum.com>
Date: Thu, 21 May 2015 13:46:13 -0400
To: Joe Abley <jabley@hopcount.ca>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/HypkEe9i4UYo42MsLWyNpbabGmc>
Cc: Bob Harold <rharolde@umich.edu>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Adoption and Working Group Last Call for draft-appelbaum-dnsop-onion-tld

On May 21, 2015, at 1:15 PM, Joe Abley <jabley@hopcount.ca> wrote:
> To your point though, I don't think we can ever practically prevent a query being sent to the DNS. There are no controls available to us that would allow us to do that.

This is unfortunately true. However, there are varying degrees of control we could have over these. It would make sense for at least open source resolvers and probably for other resolvers to add .onion to the switch that already handles .local, and to ensure therefore that .onion queries that hit the resolver either are resolved using the correct protocol, or that no attempt is made to resolve them.

This would be much more difficult to do with .onion.eff.org.
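
The suffix switch discussed in this message can be sketched as follows. This is an added example, not code from the message's author or from any resolver project; the function names, action strings and sample query names are hypothetical and constructed for illustration.

```python
from enum import Enum


class Route(Enum):
    MDNS = "mdns"      # .local is resolved with multicast DNS (RFC 6762)
    ONION = "onion"    # .onion belongs to Tor, never to the DNS
    DNS = "dns"        # everything else goes to the ordinary DNS


# The "switch": special-use names keyed on the rightmost label only.
SPECIAL_TLDS = {"local": Route.MDNS, "onion": Route.ONION}


def classify(qname: str) -> Route:
    """Pick a resolution protocol from the top-level label of qname."""
    # Names are case-insensitive and may carry a trailing root dot.
    labels = qname.rstrip(".").lower().split(".")
    return SPECIAL_TLDS.get(labels[-1], Route.DNS)


def handle(qname: str, tor_available: bool = False) -> str:
    """Return the action a resolver with this switch would take."""
    route = classify(qname)
    if route is Route.MDNS:
        return "mdns"
    if route is Route.ONION:
        # Use the correct protocol, or make no attempt at all.
        # Either way the name is never sent to an upstream DNS server.
        return "tor" if tor_available else "refuse"
    return "forward"


def leaked(qnames):
    """Names from qnames that would still reach upstream DNS servers."""
    return [q for q in qnames if handle(q) == "forward"]


# Constructed sample queries.
SAMPLES = [
    "abcdefghijklmnop.onion",   # caught by the switch
    "ABCDEF.Onion.",            # mixed case, trailing dot: still caught
    "printer.local",            # existing .local handling
    "onion.example.com",        # "onion" is not the top-level label
    "abcdef.onion.eff.org",     # under a delegated domain: not caught
]

if __name__ == "__main__":
    for name in SAMPLES:
        print(f"{name:28} -> {handle(name)}")
```

A name under .onion.eff.org ends in an ordinary delegated TLD, so a switch keyed on the top-level label forwards it like any other query.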