you can take the discussion here as indicating some loud voices for "RFC 6761 was a mistake" so the -BIS document should consider one option being to say "we made a mistake: we don't do this"
-G
On Tue, Jul 21, 2015 at 9:46 AM, Suzanne Woolf <suzworldwide@xxxxxxxxx> wrote:
Eliot,On Jul 21, 2015, at 3:20 AM, Eliot Lear <lear@xxxxxxxxx> wrote:
That's exactly it. Some mechanism is needed to address pragmatics of a
situation, something that the IETF has a pretty good (albeit not
perfect) record on addressing. That mechanism could sit at ICANN, the
IETF, or even both organizations. No matter what one's opinion of Tor
is, the fact is that it's out there and in use. They don't intend that
the DNS be used, and yet there is clearly an interaction between the two
namespaces at the CA level. It's possible that the CA people could have
created a new usage constraint, but history shows that the extension
isn't well accepted, and that could actually hinder secure deployment.FWIW— DNSOP has discussed these issues at some length, and to the extent that an answer to the interesting questions here lie within what the WG can do, we’re forming a design team to examine them and consider the possibility the community needs to work on a revision to RFC 6761.For some of the questions pulled from discussion on .onion (WG and IETF LC) and other internet-drafts proposing special-use names registry additions, see the slides as included in the meeting materials, https://www.ietf.org/proceedings/93/slides/slides-93-dnsop-7.pdf.best,Suzanne