[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal 274: A Name System API for Tor Onion Services



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,

Why run a separate process instead of using unix socket or TCP socket?

Since a Namecoin domain can point to IP addresses and ICANN-based DNS
names in addition to onion service names, and a Namecoin domain owner
might wish to switch between these configurations without causing
downtime or forcing their users to change behavior, I recommend against
this.  However, see the open question below:

Open question: If a Namecoin domain points to an onion service, end
users might expect encryption to be built in, and this assumption will
be violated if the Namecoin domain switches to using an IP address.
However, Namecoin domains can include TLS fingerprints, which would be
enforced for both the IP address and the onion service address.  Is it
sufficient to tell users that TLS is required if they want encryption
for Namecoin-addressed services, or is some additional mechanism
needed here to avoid bad things?

How about specifying whether the Namecoin domain should point to .onion
or clearnet in the domain?  We can require that TLDs for such service
must end in either:

o o: The name points to a .onion name.

o i: The name points to an IP address.

o a: The name points to a clearnet domain name.

So example.zkeyo points to 66tluooeeyni5x6y.onion.  example.zkeyi
points to 192.0.2.1 or (and?) 2001:db8::1.  example.zkeya points to
example.com.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJX+OqnAAoJEOoKZxebCIumIh0P/RaIZj9XYNngI6fVIcwQRGt9
OV9xPWNKkf53TcDi7HkkQLw5QerSe+Qmu6aMYBJ1J3s32QliX6Za+/AAfXwQ+051
JxOZKcg0RKGbTrjPMkF6mptkfSf+Xjkc8C5/BQp9TNcuy/CYmG88Soud7GidngW4
6lNvgJumxlP6YxpDvVg+VXpk8ry7k8kugoiKsFBKKFWYoEXUkDGRSXXLUiqC7hpv
N6UleRnK7eeHBFu3K76l9j8tuW33xohomKdLf33BB4E1XBUQnPfw6DRdRns0IlqX
BnWed7GGdd9ToQcWFKbRopYLRyTT7VX9IpgP1DJ689xchad8xnWcEz57aevyUlZ3
WaP5Vdrd3n/btYxAMbX65smAR98bkxSSr3NlFlpnympGnlgNW8bXtB6bjD2OQvmU
uBLTXZsJWyCZAWGmVk5XJUU6leieZz6DLCQTRk36qWfHT5/0E6bDsvdUUQAWfw9M
uHMoNKmVMXxTUhmQx3AVifQZ1w30jD/7ZsyF/Us3L0RpcUrCZKLvoDs5SIfD/VVe
SCGFXYPC9VMxF+ElrmyrRC/IEGxEOgegdRwdSnnVi73PuOU2cxIR2iYyj845AE8f
/JMN2rwULDVaxyREAhDafZRojkcJmQgv/prqN8U890Ihc2MUiGhgIqeDxCSAfwqN
w6sZ30pOL9/BiBKzmTto
=mMR3
-----END PGP SIGNATURE-----


-------------------------------------------------
75% of Americans don't like Clinton or Trump.
Don't waste your vote, say 'No' to the US Oligarchy and give it to Gary Johnson.
(paid for by VFEMail)

ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features! 15GB disk! No bandwidth quotas! Commercial and Bulk Mail Options! _______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev