At the risk of revealing that I haven't been following this thread carefully, I don't understand how a resolver is supposed to know all of the special names. Resolvers that are configured to know that invalid, local, onion, and test are special will not know about the next name that's put on the special list.

I guess the larger picture is that onion is a protocol switch, so it's not sufficient for a resolver to know that it shouldn't look up strings ending in onion in the global DNS; it must also know what it should do.

Steve

On Fri, Aug 16, 2019 at 10:47 AM Andrew Sullivan <a...@anvilwalrusden.com> wrote:

> As I often note, I work for ISOC but I'm not speaking for it.
>
> On Fri, Aug 16, 2019 at 11:30:06AM +0200, Vladimír Čunát wrote:
>
> > I've been wondering what's best to do around these TLDs: invalid, local,
> > onion, test. The RFCs say that resolvers SHOULD recognize them as
> > special and answer NXDOMAIN without any interaction with nameservers (by
> > default). What do you think about NOT following this "advice", subject
> > to some conditions that I explain below?
>
> I think it's less than ideal, because the point of resolvers immediately
> answering NXDOMAIN is that these are not and never will be names in
> the global DNS. That is, they really are special-use, and part of
> that specialness is that they're part of the domain name space but not
> part of the global DNS name space.
>
> This is particularly true of onion, which is a protocol switch. It's
> intended to signal that you should _never_ look up that name in the
> DNS. That's its whole function.
>
> Best regards,
>
> A
>
> --
> Andrew Sullivan
> a...@anvilwalrusden.com
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
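
The default behaviour discussed in this thread, as an added sketch that is not code from any poster or from any resolver implementation: a pre-resolution check that answers NXDOMAIN locally for the four names mentioned, matching on whole labels, and that shows a static list forwarding a name added to the special list later. `SPECIAL_TLDS`, `decide`, `rightmost_label` and the label `futurespecial` are hypothetical names constructed for the illustration.

```python
# Added illustration: the static list holds only the four names the thread mentions.
SPECIAL_TLDS = frozenset({"invalid", "local", "onion", "test"})


def rightmost_label(qname: str) -> str:
    """Return the lowercased top-level label of a query name ('' for the root)."""
    name = qname.rstrip(".").lower()   # DNS names are case-insensitive; drop root dot
    return name.rsplit(".", 1)[-1] if name else ""


def decide(qname: str, special=SPECIAL_TLDS) -> str:
    """Return 'NXDOMAIN' (answered locally, nothing sent upstream) or 'FORWARD'.

    Matching is done on the whole rightmost label, so 'example.notonion' and
    'onion.example.com' are ordinary names and are forwarded.
    """
    return "NXDOMAIN" if rightmost_label(qname) in special else "FORWARD"


if __name__ == "__main__":
    # Constructed sample queries.
    for q in ("printer.local", "EXAMPLE.Onion.", "example.notonion",
              "onion.example.com", "host.futurespecial"):
        print(f"{q:22} static list: {decide(q)}")

    # A resolver shipped with the static list still forwards a name that is
    # added to the special list afterwards; only an updated list catches it.
    updated = SPECIAL_TLDS | {"futurespecial"}   # hypothetical later addition
    print("host.futurespecial     updated list:",
          decide("host.futurespecial", updated))
```

The check only decides that a name must not go to the global DNS; it carries no knowledge of what an application should do with an onion name instead.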