Re: [DNSOP] Last Call: <draft-ietf-dnsop-onion-tld-00.txt> (The .onion Special-Use Domain Name) to Proposed Standard

"Joe Hildebrand" <hildjj@cursive.net> Wed, 15 July 2015 22:44 UTC

From: Joe Hildebrand <hildjj@cursive.net>
To: David Conrad <drc@virtualized.org>
Subject: Re: [DNSOP] Last Call: <draft-ietf-dnsop-onion-tld-00.txt> (The .onion Special-Use Domain Name) to Proposed Standard
Date: Thu, 16 Jul 2015 01:44:14 +0300
Message-ID: <CF44E5A4-B5CC-4D7A-BAD8-D2989AAC96BE@cursive.net>
In-Reply-To: <93AA7CD2-DFC0-419C-9103-F39AA711BD79@virtualized.org>
References: <20150714192438.1138.96059.idtracker@ietfa.amsl.com> <CA+9kkMAz1ogcpWAdKaKTRm9f8sV4RO+TKu6aYB717D7+eM0bmw@mail.gmail.com> <20150714205019.GA20641@sources.org> <93AA7CD2-DFC0-419C-9103-F39AA711BD79@virtualized.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/w_di34bzRixEHDnF0Y37s0pANoI>
Cc: dnsop <dnsop@ietf.org>, IETF <ietf@ietf.org>

On 15 Jul 2015, at 5:37, David Conrad wrote:

> I try to be pragmatic. Given I do not believe that refusing to put 
> ONION in the special names registry will stop the use of .ONION, the 
> size of the installed base of TOR implementations, and the 
> implications of the use of that string in certificates, I support 
> moving ONION to the special names registry.  I really (really) wish 
> there were more concrete, objective metrics (e.g., size of installed 
> base or some such), but my gut feeling is that TOR is pretty well 
> deployed and given the CAB Forum stuff, I see no particular reason to 
> delay (after all, it's not like the deployed base of TOR is likely to 
> get smaller).

I don't see any mention of the CAB Forum stuff in the draft.  Has anyone 
done the analysis to see if CAB Forum members really will issue certs to 
.onion addresses if we do this?  Do they issue certs for .example or 
.local today?

If certificate issuance is one of the key drivers for this work, there 
needs to be information in the draft that shows that this approach will 
work.

-- 
Joe Hildebrand