Re: [DNSOP] Last Call: <draft-ietf-dnsop-onion-tld-00.txt> (The .onion Special-Use Domain Name) to Proposed Standard

David Cake <dave@difference.com.au> Mon, 20 July 2015 04:07 UTC

From: David Cake <dave@difference.com.au>
In-Reply-To: <55A91C90.1050201@cisco.com>
Date: Mon, 20 Jul 2015 12:06:54 +0800
Message-Id: <49481ED5-52CA-470D-8B0E-895F11A1BA46@difference.com.au>
References: <20150714192438.1138.96059.idtracker@ietfa.amsl.com> <55A90F34.4010901@cisco.com> <CAL02cgTJM1FxTHfaQb_x5=7MExOd3YumQbrAEE487a2+Ax0i=w@mail.gmail.com> <55A91C90.1050201@cisco.com>
To: Eliot Lear <lear@cisco.com>
Cc: Richard Barnes <rlb@ipv.sx>, dnsop <dnsop@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>

As someone with moderate experience in both DNS and web server configuration, FWIW I found the meaning relatively obvious. The notion that HTTP Host headers might be used to change web server response independent of name resolution (e.g. two names that return identical responses to every possible DNS query but produce different web server responses) has been fairly intrinsic to how web servers operate for a couple of decades now, and this seems a simple but useful clarification regarding how this operates for .onion names to me.

David

> On 17 Jul 2015, at 11:17 pm, Eliot Lear <lear@cisco.com> wrote:
> 
> Hi Richard,
> 
> Thanks for the explanation.  Please see below.
> 
> On 7/17/15 4:38 PM, Richard Barnes wrote:
>> On Fri, Jul 17, 2015 at 4:20 PM, Eliot Lear <lear@cisco.com> wrote:
>>> I have no particular objection to the concept here, but I do have a
>>> question about one sentence in the draft.  Section 1 states:
>>>>   Like Top-Level Domain Names, .onion addresses can have an arbitrary
>>>>   number of subdomain components.  This information is not meaningful
>>>>   to the Tor protocol, but can be used in application protocols like
>>>>   HTTP [RFC7230].
>>>> 
>>> I honestly don't understand what is being stated here, or why a claim is
>>> made about HTTP at all in this document.  Are we talking about the
>>> common practice of www.example.com == example.com?  And what
>>> significance does that last phrase have to the document?
>> I made a comment on this to the authors earlier, and they decided to
>> leave it as-is :)
>> 
>> The idea is that TOR routing will only use the first label after
>> .onion, but if you're using the .onion name in an application, that
>> application might use the whole name.  For example, if you put
>> "http://mail.example.onion/", TOR will route on "example.onion", but
>> the HTTP Host header might be "mail.example.onion".
>> 
>> -
> 
> I just leave the IESG and WG with the comment that two of us "old
> timers" are trying to divine the meaning of those two sentences, and
> that can't be good for others with (even) less clue.  Personally I think
> the easiest approach is to remove those two sentences, but if others
> really disagree, then a bit more clarity seems in order.
> 
> Eliot
> 
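The split Richard describes (Tor routes on the label directly left of .onion, the application keeps the whole name), as an added example that is not from the draft or from anyone in this thread. The function names are mine, the 16/56-character base32 label lengths come from Tor's onion service specifications, and the sample service label is constructed, not a real service.

```python
import re
from urllib.parse import urlsplit

# Onion service labels are base32 ([a-z2-7]): 16 chars for v2 services, 56 for v3.
ONION_LABEL_RE = re.compile(r"(?:[a-z2-7]{16}|[a-z2-7]{56})")


def split_onion_url(url):
    """Return (tor_routing_name, http_host) for a URL whose host is under .onion.

    Tor only uses the label immediately left of .onion to reach the service;
    any labels further left are carried unchanged to the application, e.g.
    in the HTTP Host header. Raises ValueError for names that are not
    well-formed .onion names.
    """
    parts = urlsplit(url)
    host = parts.hostname  # lowercased; userinfo, brackets and port removed
    if host is None:
        raise ValueError("URL has no host")
    labels = host.rstrip(".").split(".")
    if len(labels) < 2 or labels[-1] != "onion":
        raise ValueError(f"not a .onion name: {host}")
    service = labels[-2]
    if not ONION_LABEL_RE.fullmatch(service):
        raise ValueError(f"malformed onion service label: {service}")
    tor_name = f"{service}.onion"
    # The Host header keeps the full name plus an explicit port, if any (RFC 7230 s5.4).
    http_host = host if parts.port is None else f"{host}:{parts.port}"
    return tor_name, http_host


def is_onion_name(name):
    """True if a query name falls under .onion, i.e. a DNS resolver should not look it up."""
    labels = name.lower().rstrip(".").split(".")
    return labels[-1] == "onion"


# Constructed sample label (not a real onion service): 16 base32 characters.
SAMPLE = "abcdefghijklmnop"

if __name__ == "__main__":
    for u in (f"http://mail.{SAMPLE}.onion/",
              f"https://{SAMPLE}.onion:8443/x",
              f"http://a.b.{SAMPLE}.onion/"):
        print(u, "->", split_onion_url(u))
```

Note that `http://example.onion/` from Richard's message is rejected here: "example" is an illustrative placeholder, not a base32 service label.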