On 3/17/15 8:11 PM, Andrew Sullivan wrote: > On Tue, Mar 17, 2015 at 12:59:25PM -0400, Richard Barnes wrote: >>>> >>>> If an application does not implement tor, and is not tor aware, it >>>> _will_ do a DNS lookup. You can't really go ask the world to stop >>>> doing that. You need to deal with that fact. >>> >> >> The entire point of the special use domains registry is to tell general >> clients how to behave with regard to special-use names. It exists >> precisely to tell the world the DNS names for which they should not do >> lookups, because they require different handling. > > Actually, my understanding is that the point of the special use > domains registry is to create a repository for applications so that, > _if_ they are looking at names in domain name slots and trying to do > something sensible, they know where to look to learn about those > sensible things. > > There is no way for a document to specify, "Don't look stuff up in the > DNS." If we had a reliable way to make that rule, AS112 wouldn't have > been necessary. I think there's nothing wrong with the document > saying that you _shouldn't_ look them up, because they're promised not > to give you a response anyway so it's just pollution traffic. But do > not delude yourself into thinking that adding stuff to the special > names registry will do anything to prevent leaking. It will not.
it certainly cannot prevent leakage from resolvers unaware of the new reservation. something like the .alt probably might once iplemented, do so for future spaces assuming it were used. > A >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
