> The whole point of this "registration" is to avoid leaks in the
> DNS (section 2 of the draft).

The listing of a string in the special names registry will, of course, not by itself cause leaks to be avoided. It may provide a facility for leaks to be avoided in the future.

>> This does not describe special handling _within the DNS_, but
>> instead removes a portion of the global namespace from the DNS at
>> all.
>
> Same thing for RFC 6762 (which was the first application of RFC 6761,
> and nobody objected about it).

To put it bluntly, from a certain perspective, 6762 and dnsop-onion are essentially about the same thing: they are formalizing squatting on namespace (by Apple in the first instance and by TOR in the second). As such, I'm not sure 6762 is a good precedent to rely on.

I try to be pragmatic. Given I do not believe that refusing to put ONION in the special names registry will stop the use of .ONION, the size of the installed base of TOR implementations, and the implications of the use of that string in certificates, I support moving ONION to the special names registry.

I really (really) wish there were more concrete, objective metrics (e.g., size of installed base or some such), but my gut feeling is that TOR is pretty well deployed and given the CAB Forum stuff, I see no particular reason to delay (after all, it's not like the deployed base of TOR is likely to get smaller).

Regards,
-drc