(The last call is still on...)

I am trying to write another document and wanted to include descriptions of ".onion" names. I'm seeking authoritative references but am having some trouble doing so. This isn't meant to be a replay of my previous comment that the draft under discussion is poorly supported by documents - which it is to some extent - but I really would like to find reliable references. The last call document is sparse on references, and there's not much from other sources I see (Wikipedia.org).

I've come across: "https://gitweb.torproject.org/torspec.git/tree/address-spec.txt" named "Special Hostnames in Tor" by "Nick Mathewson". This document lacks any mention of how to contact the author with questions, nor any information regarding the status of the document. It describes ".exit", ".onion" and ".noconnect". The latter is said to be obsoleted. ".Exit" is defined in a way that includes a "hostname" which, from the examples, I assume is the term defined in RFC 1123 (and thus a DNS name). ".Onion" refers to "rend-spec.txt" without any qualification but I was able to track that document down. The definition of a .onion name is "the digest is the first eighty bits of a SHA1 hash of the identity key for a hidden service, encoded in base32." I'd heard that Onion names would be too long for DNS domain names, but I don't see that from the definition given here. My concern is that "I hear" different stories in email than I read in documents.

Accessing "https://gitweb.torproject.org/torspec.git/tree/rend-spec.txt" I see a document called "Tor Rendezvous Specification" with no editor/author credited as well as no indication of where to send questions. It does invoke "RFC 2119" but does not identify that as the IETF-produced document commonly referred to as RFC 2119 "Key words for use in RFCs to Indicate Requirement Levels". According to that document, onion names (or perhaps "valid onion addresses" are something else) "contain 16 characters in a-z2-7 plus '.onion'". Again, that doesn't mesh with the story that names are too long.

This may be an off-shoot, but it appears that the onion names are wedded to RSA and SHA-1. This is fine, but makes me wonder about future stability of the protocol and hence the designation of .onion as special purpose, if there's ever a need to change cryptographic parameters. I am mentioning this as someone not well steeped in cryptography but as someone exercising cryptographic algorithm agility in DNSSEC operations.

I would like to avoid trolling against the effort to reserve onion. But in the effort to document other elements of name spaces, I'm having difficulty locating a definition of onion names, and this difficulty worries me when it comes to registering a name as special use (without a "why"). If someone can point me to a definition of how Tor treats and writes names "ending with .onion", I would appreciate the reference.
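The two definitions quoted in the message above ("first eighty bits of a SHA1 hash of the identity key ... encoded in base32" and "16 characters in a-z2-7 plus '.onion'"), worked through as an added example that is not part of the original message or of the Tor specifications. The key bytes are a constructed stand-in rather than a real RSA key, and the function names are hypothetical.

```python
import base64
import hashlib
import re

DNS_LABEL_MAX = 63  # maximum octets in a single DNS label (RFC 1035)

# Syntax quoted from rend-spec.txt: "16 characters in a-z2-7 plus '.onion'"
ONION_NAME = re.compile(r"[a-z2-7]{16}\.onion")


def onion_name(identity_key: bytes) -> str:
    """Derive a name per the quoted definition: first eighty bits of a
    SHA1 hash of the identity key, encoded in base32."""
    digest = hashlib.sha1(identity_key).digest()   # 160 bits
    first_80_bits = digest[:10]                    # 10 octets = 80 bits
    # 80 bits / 5 bits per base32 symbol = 16 symbols, so no '=' padding.
    label = base64.b32encode(first_80_bits).decode("ascii").lower()
    return label + ".onion"


def is_onion_name(name: str) -> bool:
    """Check a name against the quoted syntax (compared in lower case)."""
    return ONION_NAME.fullmatch(name.lower()) is not None


def longest_label(name: str) -> int:
    """Length of the longest dot-separated label, to compare with DNS_LABEL_MAX."""
    return max(len(label) for label in name.split("."))


# Constructed stand-in for serialized identity key bytes; not a real RSA key.
# Assumption: the exact key serialization Tor hashes is not given in the message.
SAMPLE_KEY = b"constructed sample identity key bytes"

if __name__ == "__main__":
    name = onion_name(SAMPLE_KEY)
    print(name, is_onion_name(name), longest_label(name), "<=", DNS_LABEL_MAX)
```

Whatever key bytes go in, the derived label is 16 characters long, well under the 63-octet DNS label limit, which is consistent with the observation in the message that these definitions do not produce names too long for the DNS.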