Re: [DNSOP] possibly quite a lot of additional special names

"John Levine" <johnl@taugh.com> Wed, 05 February 2014 00:53 UTC

>> How like LOCAL is ONION?
>
>Neither is a zone in the DNS or a domain in the DNS namespace, and both refer to names for which a
>protocol other than DNS should be used for resolution.
>
>(I realise the protocol for LOCAL is DNS-like, but it's not DNS, right?)

The protocol for .ONION is DNS-like, too.  If you're running Tor, its
SOCKS proxy handles the domain names, using the normal SOCKS5
protocol, with .ONION and .EXIT treated as special cases.  The client
software, typically a web browser, doesn't know it's any different
from any other SOCKS proxy.

It seems to me that we can make a meaningful distinction between
domain names that are delegated from the global root using the normal
DNS protocol and allow arbitrary RRs (give or take) which is ICANN's
department, and domain names that are handled in other ways which is
the IETF's.  The only ICANN domain that isn't technically totally
ordinary is .TEL, which was supposed to be a directory using NAPTR to
map names to phone numbers.  It is quietly slouching toward genericity
with rather a lot of names parked by speculators, so I doubt we'll see
any more of those from ICANN.

I realize that the received wisdom is that any variation from the
standard protocol is awful and must be eliminated with extreme
prejudice, but that horse left the barn a long time ago, and enough
people have seen it running around and looking healthy that we have a
credibility problem.

What does cause problems is name collisions, but we can deal with them
more effectively with registries than by trying to stamp out pseudo-TLDs
named .ONION and .BIT and who knows what else.

R's,
John, formerly aka johnl@ima.uucp, currently johnl@taughannock.tel.

PS: Andrew asked whether .onion.arpa would have worked technically as
well as .onion.  Sure.  But so what?
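
Added example, not part of the original message or of Tor's code: a sketch of the mechanism described above, where the client puts the unresolved name into an ordinary SOCKS5 CONNECT request (RFC 1928, address type 0x03) and only the proxy treats .ONION and .EXIT as special. The suffix set comes from the message; the handler labels and the sample names are constructed for illustration.

```python
import struct

# Suffixes the message says the proxy treats as special cases.
SPECIAL_SUFFIXES = {"onion", "exit"}


def socks5_connect_request(host, port):
    """Client side: RFC 1928 CONNECT with ATYP=0x03 (domain name).

    The name is sent as-is; the client performs no DNS lookup and has
    no special knowledge of any suffix.
    """
    raw = host.rstrip(".").encode("ascii")
    if not 1 <= len(raw) <= 255:
        raise ValueError("SOCKS5 domain name must be 1..255 octets")
    # VER=5, CMD=1 (CONNECT), RSV=0, ATYP=3, length-prefixed name, port
    return bytes([0x05, 0x01, 0x00, 0x03, len(raw)]) + raw + struct.pack("!H", port)


def parse_connect_request(msg):
    """Proxy side: recover (host, port) from a domain-type CONNECT."""
    if len(msg) < 7 or msg[0] != 0x05 or msg[1] != 0x01 or msg[3] != 0x03:
        raise ValueError("not a SOCKS5 CONNECT with a domain-name address")
    n = msg[4]
    if len(msg) != 5 + n + 2:
        raise ValueError("length field does not match message size")
    host = msg[5:5 + n].decode("ascii")
    (port,) = struct.unpack("!H", msg[5 + n:])
    return host, port


def proxy_dispatch(msg):
    """Proxy side: choose a handler from the rightmost label of the name.

    "special" and "ordinary" are illustrative labels, not Tor identifiers.
    """
    host, port = parse_connect_request(msg)
    last_label = host.lower().split(".")[-1]
    handler = "special" if last_label in SPECIAL_SUFFIXES else "ordinary"
    return handler, host, port


if __name__ == "__main__":
    # Constructed sample names.
    for name, port in [("example.onion", 80), ("www.example.com", 443)]:
        req = socks5_connect_request(name, port)
        print(req.hex(), proxy_dispatch(req))
```

Both requests have the same wire format; the distinction exists only in the proxy's dispatch, so a name such as these reaches the DNS only if the client resolves it itself instead of handing it to the proxy.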