On May 21, 2015, at 1:15 PM, Joe Abley <jab...@hopcount.ca> wrote: > To your point though, I don't think we can ever practically prevent a query > being sent to the DNS. There are no controls available to us that would allow > us to do that.
This is unfortunately true. However, there are varying degrees of control we could have over these. It would make sense for at least open source resolvers and probably for other resolvers to add .onion to the switch that already handles .local, and to ensure therefore that .onion queries that hit the resolver either are resolved using the correct protocol, or that no attempt is made to resolve them. This would be much more difficult to do with .onion.eff.org. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
