[cabfpub] .onion proposal
sleevi at google.com
Tue Nov 18 10:20:47 MST 2014
On Nov 18, 2014 8:22 AM, "Jeremy Rowley" <jeremy.rowley at digicert.com> wrote:
> That is the advantage to using a new Appendix - we can deal with these
> fringe cases. For .home and .corp, I think the domain name consists of the
> MAC address or serial number of the device. The rule set would need to be
> designed around that.
That has never been the case for either. These names are not globally
unique, and thus suffer all the attendant issues that raises.
.onion is also not unique - it is limited to the first 80 bits of the SHA-1
of a public key. The uniqueness is dependent upon SHA-1's second preimage
resistance (in the face of truncation) and the schemes valid for public
keys (... Just wait until RSA vs EC vs funky encodings). I just want to
make sure it isn't forgotten precisely why we prohibit such registrations.
> -----Original Message-----
> From: Gervase Markham [mailto:gerv at mozilla.org]
> Sent: Tuesday, November 18, 2014 2:31 AM
> To: Jeremy Rowley; public at cabforum.org
> Subject: Re: [cabfpub] .onion proposal
> On 17/11/14 23:15, Jeremy.Rowley wrote:
> > Thanks to everyone who has commented so far. Based on the feedback,
> > I'm amending the proposal as follows:
> > 1) Modify the definition of internal name to exclude reserved names
> > approved by the Forum (which will only be onion as far as I know).
> Musing: perhaps we could also add .home and .corp to Appendix D?
> IANA has indefinitely postponed their delegation. My view is that the
> world is a better place if there are a couple of "TLDs" which are for
> internal use, and for better or worse, these appear to be them.
> They would, of course, have different rules to .onion.
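Added example (not part of the thread, and not Tor's or any CA's code): the name derivation referred to in the reply above, assuming Tor's legacy hidden-service scheme, in which the label is the base32 encoding of the first 80 bits of SHA-1 over the PKCS#1 DER encoding of an RSA public key. The modulus is a constructed integer rather than a real key and the helper names are hypothetical; the second label shows that the same key under a different encoding (SubjectPublicKeyInfo) maps to a different name.

```python
import base64
import hashlib

# AlgorithmIdentifier for rsaEncryption (OID 1.2.840.113549.1.1.1, NULL params)
RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")

# Constructed 1024-bit odd integer standing in for a modulus; NOT a real key.
SAMPLE_N = (1 << 1023) | int.from_bytes(
    hashlib.sha256(b"constructed sample").digest(), "big") | 1
SAMPLE_E = 65537

def der_tlv(tag, value):
    """Minimal DER tag-length-value encoder (definite lengths only)."""
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        body = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(body)]) + body
    return bytes([tag]) + length + value

def der_int(x):
    """DER INTEGER for a positive int; a 0x00 pad appears only if the top bit is set."""
    return der_tlv(0x02, x.to_bytes(x.bit_length() // 8 + 1, "big"))

def pkcs1_public_key(n, e):
    """RSAPublicKey ::= SEQUENCE { modulus, publicExponent }"""
    return der_tlv(0x30, der_int(n) + der_int(e))

def spki_public_key(n, e):
    """SubjectPublicKeyInfo wrapping the same RSAPublicKey in a BIT STRING."""
    bit_string = der_tlv(0x03, b"\x00" + pkcs1_public_key(n, e))
    return der_tlv(0x30, RSA_ALG_ID + bit_string)

def onion_label(encoded_key):
    """First 80 bits (10 bytes) of SHA-1 over the encoded key, base32, lower case."""
    digest = hashlib.sha1(encoded_key).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower()

if __name__ == "__main__":
    # Same key material, two encodings, two different 16-character labels.
    print(onion_label(pkcs1_public_key(SAMPLE_N, SAMPLE_E)) + ".onion")
    print(onion_label(spki_public_key(SAMPLE_N, SAMPLE_E)) + ".onion")
```
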