Re: [tor-talk] ICANN and .onion

(resent to the list after subscription. Originally Cced to Lunar and

On 05/18/2014 04:17 PM, Lunar wrote:
> Anders Andersson:
>> A few years ago, ICANN started to accept suggestions for new top-level
>> domain names. A friend recently posted a .onion link to me, and it made me
>> realize that there might be a big problem if a company or organization
>> other than Tor actually registered .onion and made it work in any browser.
>> 1) Have there been any discussions regarding the severity of the problem if
>> it should eventually happen? If so, are the discussions or the result of
>> them available online for reading?
>> 2) Has Tor applied to ICANN about the .onion domain, or discussed the pro
>> and con of doing this?
> https://lists.torproject.org/pipermail/tor-dev/2013-November/005747.html
> The document actually expired yesterday:
> https://tools.ietf.org/html/draft-grothoff-iesg-special-use-p2p-names-02
*** Thank you Lunar for Ccing me. And thank you Anders for your
interest. As far as I know the expiration date is set to September 4,
2014, so we still have some time to take comments and brew a new version.

> The last call for review on DNSOP has seen no reaction:
> https://www.ietf.org/mail-archive/web/dnsop/current/msg11364.html
> I am not familiar enough with IETF processes to know what that means.
*** The second draft didn't draw much attention from the DNSOP list
where the authors were routed to to gather feedback. That draft mainly
addressed all criticisms we had received so far, but didn't bring much
from the previous one. The current status quo from the IETF so far is
that this issue is not a priority.

It makes use of the RFC6761 to claim special top domain names but my
feeling is that the DNS people would like to see most of "our" issues
addressed through DNS itself, and would likely prefer to divide the
contents of the RFC into special cases. There's also discussion to
rewrite, or amend history and restrict how RFC6761 can be used to not
follow the main IETF process.

As we didn't receive any more feedback and still have some time to
think, and not much novelty to add to the draft besides removing some
repetitions, it's been standing there. So I'd be more than happy if
other people would like to review it and pinch the ball.

The issue Anders is concerned about, namely that some entity could
reserve .onion and use it against Tor users, is mentioned in the
Security Considerations section, as well as 5.3.7 that references SAC45,
a previous document that already mentions possibilities of conflicts
between DNS, and P2P or private names from a study of DNS root invalid hits.

Please send your comments to the RFC draft to

Thank you,
