Also what I haven't seen explored but is actually a logical extension of using socks to make ordinary browsers talk to .onion sites is extending the local recursive server to do the TOR lookup rather than a traditional DNS lookup and return the results in a DNS message. With dprive this should end up being secure. If there will ever be a requirement to support this then doing a insecure delegation to a set of public .onion servers would be the way to go. The logical set of servers is the root-servers to avoid additional leakage. There are a number of places where a .onion name can be intercepted and the alternative lookup method introduced: application, getaddrinfo, recursive server, special purpose authoritative server. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@xxxxxxx