On Mon, May 11, 2015 at 09:29:02PM -0300, hellekin wrote:
>
> *** How can you fail to see that P2PNames says "Users can use these
> names as they would other domain names", while OnionTLD says they
> cannot?

I think people can see that, and they disagree with you. If you put an onion name into an application and your system (somehow) is onion-aware, it will behave differently than if it is onion-unaware. If you put a com name into an application, it Just Works, because DNS resolvers are basically universal. That's an important difference. (Note that I picked com on purpose. Ask the users of info domains how many problems they still have, 14 years after that TLD was first delegated.)

> *** So you recognize that if your Tor setup is wrong, and you're not
> aware of this, then it could happen that a malicious entity could serve
> a copy of the original site, but resolved over the DNS. This to me,
> sounds like the well-documented--not hypothetical--abuses of NXDOMAIN
> that were historically performed by Verisign, Comcast, and others. Are
> you sure you still don't see any difference at all between MUST and
> SHOULD?

Not every network is a public-access one. For instance, there might be a local policy at my employer that onion names are not to be resolved. I can certainly imagine them installing a resolver that captured and redirected onion resolution attempts. (That is not, of course, a policy at _my_ employer, but I can imagine such a case without trouble.)

Best regards,

A

--
Andrew Sullivan
a...@anvilwalrusden.com

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop