>.onion was the chosen approach precisely because nothing else but lookup and
>subsequent routing has to change; there are no other application-level
>decisions about .onion, and that's a feature. HTTP still works, TLS still works
>(once you can get a cert), links still work, HTML still works. Same-origin
>policy still works.
Call me old-fashioned, but I think this is silly.

The purpose of the domain name system is to name things. We have IP addresses and we want to refer to them using names. We do the same thing with mail domains, etc. In goes a name, out comes some lower-level entity.

In this context an onion address should have been an 'IN ONION', i.e., www.example.com might have an 'IN ONION' address for use with TOR.

Now instead, .onion doesn't map to anything. In goes an onion address (and not a name), out comes nothing. All .onion does is signal a particular transport protocol.

So it is a clear abuse of the domain name system. It might be that it is the best option. But my guess is that it was just the easiest hack to get it working.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop