Re: Last Call: <draft-ietf-dnsop-onion-tld-00.txt> (The .onion Special-Use Domain Name) to Proposed Standard

"Joe Hildebrand" <hildjj@cursive.net> Wed, 15 July 2015 22:40 UTC

From: Joe Hildebrand <hildjj@cursive.net>
To: Patrik Fältström <paf@frobbit.se>
Subject: Re: Last Call: <draft-ietf-dnsop-onion-tld-00.txt> (The .onion Special-Use Domain Name) to Proposed Standard
Date: Thu, 16 Jul 2015 01:40:36 +0300
Message-ID: <A0498C83-64AF-4669-A792-E4EEE7371069@cursive.net>
In-Reply-To: <BBA233B3-789D-4AAD-82B3-41C995E11D8E@frobbit.se>
References: <20150714192438.1138.96059.idtracker@ietfa.amsl.com> <CAKr6gn0KTpdsbG67aUvnvSt833C+1kH8tB1PEZoksq6R+9FPNw@mail.gmail.com> <91B3FDB8-C46E-4B97-ADA7-900794C0237D@frobbit.se> <154CECB0C21A02BC78224D78@JcK-HP8200.jck.com> <BBA233B3-789D-4AAD-82B3-41C995E11D8E@frobbit.se>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Mailer: MailMate Trial (1.9.1r5084)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/o4GLzYDpl8yp4ii_F_vTco1l4_g>
Cc: John C Klensin <john-ietf@jck.com>, IETF Discussion Mailing List <ietf@ietf.org>

On 15 Jul 2015, at 19:18, Patrik Fältström wrote:

> True, but if we look at the chat protocols, IETF could not agree on 
> which one of three different protocols should move forward. Then XMPP 
> came and, well, was developed elsewhere and basically "won".

I do want to point out that we ceded change control over XMPP to the 
IETF, and the XMPP working group made some fundamental changes to the 
protocol, including start-TLS, stringprep, SASL, a new error name 
scheme, version numbering, etc.

A similar approach was used for SPDY morphing into HTTP/2.

I don't see any way that these protocol development efforts can be used 
as precedent for this draft.  If the Tor folks wanted to go through the 
process to standardize their protocols, we could think about the 
architecture we wanted for their identifiers and think about ways to 
avoid a special-use name.

In the meantime, I have a specific technical objection to this draft, 
section 2:

>  2.  Application Software: Applications (including proxies) that
>      implement the Tor protocol MUST recognize .onion names as special
>      by either accessing them directly, or using a proxy (e.g., SOCKS
>      [RFC1928]) to do so.  Applications that do not implement the Tor
>      protocol SHOULD generate an error upon the use of .onion, and
>      SHOULD NOT perform a DNS lookup.

I'm skeptical that this SHOULD NOT will have any effect on any 
application other than some small number of popular web browsers. There 
are a LOT of non-web-browser applications in the world that do DNS 
lookups, and almost none of them will ever find out that they are 
leaking information because of this SHOULD NOT.

As such, I suggest that this doc does not provide an adequate technical 
or market-based mechanism that will achieve its stated goal.

-- 
Joe Hildebrand
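The section 2 requirement quoted in the message above has two halves: a non-Tor application SHOULD refuse a .onion name without touching the DNS, and a Tor-aware one SHOULD hand the name to a proxy such as SOCKS [RFC1928] so that the proxy, not the local resolver, deals with it. The following is an added example, not code from the draft, from Tor, or from anyone in this thread; the function names, the recording resolver and the sample hostnames are my own. It shows the hostname guard that implements the SHOULD NOT (including the trailing-dot and mixed-case forms a naive suffix check misses, which is exactly the kind of leak Joe is worried about), and the RFC 1928 CONNECT request with ATYP 0x03 that keeps the name unresolved on its way to the proxy.

```python
"""Keep .onion names out of the DNS.

Added example (not from draft-ietf-dnsop-onion-tld or from the thread):
a resolver guard for the "SHOULD NOT perform a DNS lookup" requirement,
plus the RFC 1928 SOCKS5 CONNECT request a Tor-aware client uses so the
proxy receives the name unresolved. All function names are my own.
"""
import socket
from typing import Callable, List, Optional, Tuple


class OnionLeakError(Exception):
    """Raised instead of resolving a .onion name in a non-Tor application."""


def is_onion_name(host: str) -> bool:
    """True if host is .onion or any name under it.

    Normalises the trailing-dot FQDN form and letter case, so 'Foo.ONION.'
    is caught; a bare host.endswith('.onion') misses both and the lookup
    goes out to the DNS.
    """
    labels = host.strip().rstrip(".").lower().split(".")
    return labels[-1] == "onion"


# Injectable resolver so the guard can be exercised without network access.
Resolver = Callable[[str, int], List[Tuple]]


def guarded_getaddrinfo(host: str, port: int, tor_aware: bool = False,
                        resolver: Optional[Resolver] = None) -> List[Tuple]:
    """Drop-in for socket.getaddrinfo that never sends a .onion name to DNS.

    tor_aware=False: the application has no Tor support, so a .onion name
    raises (the "SHOULD generate an error" branch of section 2).
    tor_aware=True: the name is returned untouched in a sentinel tuple so
    the caller connects through SOCKS; the resolver is still not called.
    """
    if resolver is None:
        resolver = lambda h, p: socket.getaddrinfo(h, p)  # real DNS path
    if is_onion_name(host):
        if not tor_aware:
            raise OnionLeakError(f"refusing DNS lookup of {host!r}")
        return [("onion", host, port)]  # sentinel: use socks5_connect_request
    return resolver(host, port)


def socks5_connect_request(host: str, port: int) -> bytes:
    """RFC 1928 CONNECT request with ATYP=0x03 (DOMAINNAME).

    Sending the name rather than an address is what moves resolution to
    the proxy. A client that resolves first and sends ATYP=0x01 has
    already leaked the name to the DNS before the proxy sees anything.
    Layout: VER=5, CMD=1 (CONNECT), RSV=0, ATYP=3, len, name, port (BE).
    """
    name = host.rstrip(".").encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("SOCKS5 domain name must be 1..255 bytes")
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return (b"\x05\x01\x00\x03" + bytes([len(name)]) + name
            + port.to_bytes(2, "big"))


if __name__ == "__main__":
    # Constructed sample hostnames an application might be handed.
    sample_hosts = ["www.example.com", "example.onion", "Foo.ONION.",
                    "abcdefghijklmnop.onion", "onion.example.com"]
    sent_to_dns: List[str] = []

    def recording_resolver(h: str, p: int) -> List[Tuple]:
        sent_to_dns.append(h)  # anything landing here went to the DNS
        return []

    for h in sample_hosts:
        try:
            guarded_getaddrinfo(h, 443, tor_aware=False,
                                resolver=recording_resolver)
        except OnionLeakError as e:
            print("blocked:", e)
    print("names that reached the resolver:", sent_to_dns)
    print("SOCKS5 CONNECT for example.onion:80:",
          socks5_connect_request("example.onion", 80).hex())
```

The guard has to sit at the one choke point every code path uses for name resolution; as the message above points out, an application that calls the system resolver from several places will keep leaking from whichever call site was not wrapped. The ATYP 0x03 request is also the reason "socks5h" style proxy settings (remote resolution) matter: a plain "socks5" setting in many clients resolves locally first and defeats the whole point.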