-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 09/01/2015 07:39 PM, Jacob Appelbaum wrote: > > Tor doesn't leak .onions > > If the name is reserved and the process is followed, we'll hopefully > be able to stop most of the leakage in the DNS. >
One clear example that was documented earlier is the "pre-fetching" feature of some Web browsers that will request links on a visited page "to accelerate the Web" in anticipation of the user's next move (which sounds quite wasteful indeed). In this case, if a page mentions links to .onion URLs, a browser that is not configured to use Tor will hit the DNS root with an inappropriate request. On the contrary, if the browser is configured to use Tor, no leak will happen because the Tor resolver will take precedence over DNS resolution for .onion. Once the RFC is available, browser implementors can add a filter for .onion to their prefetching code. They certainly don't need the RFC to do so, but once it's RFC, it's more likely that they do it. == hk -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJV5jFpXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQ0IyNkIyRTNDNzEyMTc2OUEzNEM4ODU0 ODA2QzM2M0ZDMTg5ODNEAAoJEEgGw2P8GJg9n5sQAKRzvkBwJ/ibOoRlajG5AsRu ACnykyUsP9aU2Hpv0kJFm7AvfKOy0gwHeYfWY/czjbvsC6X5sJ/Hoe+ZYUcPTwGQ hjsug0m/F4htS4s6O5WbzLwc3506kmzw2PvyGzvJBpKZzgGU2gvn4H0JuVHemMXR yNaQw21MFJIWOlhO0eshMr84SBoiaoO6IWEBjiITdtq1qsZNhPQRipn63r8VY2ul mDTPSUcHvN4sblj2kiCCNVt0O8j6GhS3xc9H+EVe8Iz+Rk3hDbJtxBKZhSOZY309 YEjUhlkQ7CgmkTQa0fxEQsjSq3HSjLcfBCXkovCbt0i7ReEHP/YPr4cFtfWZIk7v +Wnk1PuMI17SPnyglWiZxl3eLT0h4j4mxlrEAvT1TkeHmTu1CItTm9xcxuksdErS 3ncZPsUZAOObrw01tZVJ0YmF3kT4F5NE1ThlxrDIA9ygPT5cqgwAlXo+6thjff7y dgaWi5swXYzzFh68KTgMxP8rWzItM+hV4k0SjYEXNVlYKLBKtUqFIaR0jNatVDN2 1Auy3p9+h+iw2DQnBDXtWMiQ6CprG/yn3yEsVueSobnwX8sNHHMRsIadifjAlh50 CnyYxb1BKuwkoJ61eHymKcDAD6Bz5i+gtpfEfBBxC5yzibQq8Dm/rNGMioyzz8k7 Bk6aSDSHHwq9P/0ZBxAb =F5Fc -----END PGP SIGNATURE----- _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
