Re: [DNSOP] I-D Action: draft-ietf-dnsop-alt-tld-13.txt

John R Levine <> Thu, 24 June 2021 23:17 UTC

To: Warren Kumari <>
Cc: dnsop <>, Ben Schwartz <>

> Unfortunately, having multiple resolution systems using the same
> namespace and syntax does not provide a signal to denote which
> resolution mechanism should be used - clearly .com is "in the DNS" and
> .onion isn't -- but this doesn't scale, and simply saying "the DNS is
> the only resolution system" doesn't either....

It would have been nice if Tor used onion://drugmart rather than 
http://drugmart.onion, but we lost that fight a long time ago.

I have occasionally wondered whether we could define an agreed set of 
levels for DNS-ish name semantics, e.g.:

* application data stream (onion)

* resolve to a perhaps nonroutable IP address that can connect to 
a data stream (various LAN level proxy hacks)

* resolve to an IP address that acts like a real IP address (most DNS 
resolution behind a NAT)

* resolve to a real IP address (DNS resolution without a NAT)

These are just examples, please consider the overall idea, not the color 
of the bikeshed.

John Levine, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.