ietf
[Top] [All Lists]

Re: [DNSOP] Last Call: <draft-ietf-dnsop-onion-tld-00.txt> (The .onion Special-Use Domain Name) to Proposed Standard

2015-07-17 06:39:22
+1 on support

On Thu, Jul 16, 2015 at 9:57 AM, Tom Ritter <tom(_at_)ritter(_dot_)vg> wrote:
On 16 July 2015 at 00:44, Joe Hildebrand <hildjj(_at_)cursive(_dot_)net> 
wrote:
I don't see any mention of the CAB Forum stuff in the draft.  Has anyone
done the analysis to see if CAB Forum members really will issue certs to
.onion addresses if we do this?  Do they issue certs for .example or .local
today?

Not only will they issue certificates .onion, but they will not be
required to revoke the certificates they have _already_ issued, and
are using happily. I know Facebook and Blockchain, a few certs for
each, and maybe a third I'm forgetting. That will only go up over
time.

On the topics of metrics, indeed https://metrics.torproject.org/ is
the place.  You missed a zero though. It's 2 *million* directly
connecting users/day on average, not 200K.

On the topic of carrot, I would suggest .carrot.alt =)  I would also
ask about your user base.

On the topic of TLD vs Special Use: Yes I can confirm we want a
special use name, not a TLD.

On the topic of reliable resource,
https://gitweb.torproject.org/torspec.git/tree/ is a great URL, this
is where we standardize our specifications and update them. Our
process is different from the IETF, but there is one.  rend-spec.txt
in particular deals with .onion - but you would need to work with the
rest of the specs to get that far.  Barring operator accidents or some
absurd explosion in DNS price, I expect torproject.org will live 40+
years reliably. It may not be as future-reliable as iana.org or
ietf.org, but that URL, and/or "the torspec repository" is probably as
reasonably reliable as any other offsite link.

I support this draft.

-tom




-- 
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
joe(_at_)cdt(_dot_)org
PGP: https://josephhall.org/gpg-key
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

<Prev in Thread] Current Thread [Next in Thread>