On 07/17/2015 11:20 AM, Eliot Lear wrote:
> I have no particular objection to the concept here, but I do have a
> question about one sentence in the draft.  Section 1 states:
>>    Like Top-Level Domain Names, .onion addresses can have an
>>    arbitrary number of subdomain components.  This information
>>    is not meaningful to the Tor protocol, but can be used in
>>    application protocols like HTTP [RFC7230].
>>
> I honestly don't understand what is being stated here, or why a claim
> is made about HTTP at all in this document.  Are we talking about the
> common practice of www.example.com == example.com?  And what
> significance does that last phrase have to the document?
>
> Eliot
>
It means that when resolving .onion addresses, the Tor protocol only checks the first label in the onion chain (e.g., facebookcorewwwi in example.facebookcorewwwi.onion), ignoring any eventual label under that (here: example). But Tor doesn't remove these labels: they're passed on to the application at the endpoint.

For example, imagine Facebook runs https://static.facebookcorewwwi.onion to serve images for their website. To the Tor protocol, only facebookcorewwwi is used to identify the onion service and find a route to it, but once the connection is established between the Web browser and the Web server across the onionspace, static.facebookcorewwwi.onion becomes meaningful to the Web server.

==
hk

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
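
The split described in the reply above, as an added example that is not part of the original message or of Tor's code: one function separates the label that identifies the onion service from the labels left to the application, and a second models a web server choosing a virtual host from the unchanged hostname. The function names and the virtual-host table are hypothetical; the 16- and 56-character base32 label lengths are general facts about onion addresses, not taken from the message.

```python
import re

# Assumption (general Tor fact, not from the message): the service label is
# 16 base32 characters (v2) or 56 base32 characters (v3).
ONION_LABEL = re.compile(r"^(?:[a-z2-7]{16}|[a-z2-7]{56})$")


def split_onion_host(host):
    """Return (service_label, subdomain_labels) for a .onion hostname.

    service_label is the label directly left of "onion", the only part used
    to identify the onion service. subdomain_labels are the labels further
    left, which only the application protocol interprets.
    """
    labels = host.rstrip(".").lower().split(".")
    if len(labels) < 2 or labels[-1] != "onion":
        raise ValueError("not a .onion hostname: %r" % host)
    service, subdomains = labels[-2], labels[:-2]
    if not ONION_LABEL.match(service):
        raise ValueError("invalid onion service label: %r" % service)
    if any(not label for label in subdomains):
        raise ValueError("empty label in %r" % host)
    return service, subdomains


def route_and_dispatch(host, vhosts):
    """Model both layers: the service that is reached, and the virtual host
    the web server selects from the full hostname it receives."""
    service, _ = split_onion_host(host)
    service_address = service + ".onion"    # identifies the onion service
    host_header = host.rstrip(".").lower()  # reaches the web server unchanged
    site = vhosts.get(host_header, vhosts.get(service_address, "default"))
    return service_address, host_header, site


if __name__ == "__main__":
    # Constructed virtual-host table for the hypothetical server in the reply.
    vhosts = {
        "facebookcorewwwi.onion": "main-site",
        "static.facebookcorewwwi.onion": "image-server",
    }
    for name in ("facebookcorewwwi.onion",
                 "static.facebookcorewwwi.onion",
                 "a.b.facebookcorewwwi.onion"):
        print(name, "->", route_and_dispatch(name, vhosts))
```

All three sample names reach the same onion service; only the server-side virtual-host choice differs.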