Re: [DNSOP] punctuation follies, I-D Action: draft-ietf-dnsop-alt-tld-15.txt

John Levine <johnl@taugh.com> Tue, 28 June 2022 01:19 UTC

Date: 27 Jun 2022 21:19:08 -0400
Message-Id: <20220628011909.133AD4496382@ary.qy>
From: "John Levine" <johnl@taugh.com>
To: dnsop@ietf.org
Cc: peter@desec.io
In-Reply-To: <09fea18f-9856-9666-c81e-6ec5b571d814@desec.io>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/qYq17fI8uNNVDNimhk9L93Ihl_M>

It appears that Peter Thomassen <peter@desec.io> said:
>On 6/27/22 22:05, John Levine wrote:
>> But there is a
>> great deal of software that expects the names it uses to look like
>> hostnames, and won't work with anything else.
>
>The software for new applications which would use a _foo pseudo-TLD namespace is not yet written. It is for future applications, for which we
>can hope to push TLD-like use of things like "onion" into namespaces like "_onion".

History suggests that you and I will both be dead before that software is
widely enough used for anyone to care.

>I see no reason why, if Tor was started today, the software written for it should not be able to support _onion, if that was the BCP for doing
>it. Tor software would be written for that purpose at the time. Or am I missing something here?

The particular issue for .onion was SSL certificates which use an
identifier with a syntax essentially the same as DNS hostnames. In
theory, we could ask the SSL people to change the rules to allow
_names; in practice, even if we could persuade the IETF to update the
spec, it would take a long time for the changes to percolate out into
the field. There is still plenty of software using TLS 1.1 which was
published in 2006 and deprecated a year ago.

You'd also need to update web browsers and the SOCKS proxies that are
usually used to connect the TOR sessions to the browsers. How much
time are you prepared to spend to persuade them all that they should
allow _label as the rightmost label?

R's,
John
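The certificate point above, as an added example that is not part of the thread: RFC 5280 section 4.2.1.6 requires dNSName subjectAltName values to use the RFC 1034/1123 preferred (letters-digits-hyphen) name syntax, under which "_onion" is not a valid label even though the DNS protocol itself (RFC 2181) accepts it. The checker and sample names below are constructed for illustration.

```python
import re
from typing import Optional

# Label syntax of RFC 1034 section 3.5 ("preferred name syntax") as relaxed
# by RFC 1123 section 2.1, which lets a label start with a digit: letters,
# digits and hyphen only (LDH), no leading or trailing hyphen, 1..63 octets.
# RFC 5280 section 4.2.1.6 requires dNSName subjectAltName values to use
# this syntax, so it is the rule a certificate-handling stack applies.
_LDH_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def ldh_label_problem(label: str) -> Optional[str]:
    """Return None if label is valid LDH, otherwise a short reason."""
    if not label:
        return "empty label"
    if len(label) > 63:
        return "label longer than 63 octets"
    if not _LDH_LABEL.match(label):
        return f"label {label!r} is not letters/digits/hyphen or has an edge hyphen"
    return None


def dns_wire_label_problem(label: str) -> Optional[str]:
    """DNS itself (RFC 2181 section 11) only limits a label to 1..63 octets,
    so '_onion' is a perfectly good DNS label even though it is not a hostname."""
    n = len(label.encode("utf-8"))
    if n == 0:
        return "empty label"
    if n > 63:
        return "label longer than 63 octets"
    return None


def dnsname_problem(name: str) -> Optional[str]:
    """Check a whole name against dNSName / hostname syntax; None means OK."""
    name = name.rstrip(".")  # absolute form: the trailing dot carries no label
    if len(name) > 253:
        return "name longer than 253 octets"
    for label in name.split("."):
        problem = ldh_label_problem(label)
        if problem:
            return problem
    return None


def rightmost_label(name: str) -> str:
    """The would-be pseudo-TLD, e.g. '_onion' in 'example._onion'."""
    return name.rstrip(".").rsplit(".", 1)[-1]


# Constructed sample names (not from the thread): DNS accepts '_onion' as a
# label, but the hostname/dNSName syntax used for certificates rejects it.
SAMPLES = ["example.onion", "example._onion", "_onion", "example.alt"]
for sample in SAMPLES:
    tld = rightmost_label(sample)
    print(f"{sample:16} dns={dns_wire_label_problem(tld)!s:6} dnsname={dnsname_problem(sample)}")
```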