[tor-dev] Prop279 and DNS

Jeremy Rand jeremyrand at airmail.cc
Fri Apr 7 03:34:30 UTC 2017


Jesse V:
> On 04/03/2017 05:01 PM, Jeremy Rand wrote:
>> Maybe this topic has already been brought up, but in case it
>> hasn't, I'll do so.  I notice that Prop279 (onion naming API)
>> defines its own API rather than using DNS.  I guess that this is
>> because of security concerns about the centralization of the
>> DNS.
> 
> Hi Jeremy,
> 
> I believe that the general idea with prop279 is simply to introduce
> an API for resolving pseudo-TLDs before they were sent through the
> Tor network. How that is done is entirely dependent on the naming
> system.
> 
> For example, if a user typed in example.bit into a Namecoin-enabled
> Tor browser, the software could then perform your proposed DNS
> lookup and rewrite the request before turning it over to the tor
> binary. In my case, my OnioNS software rewrites .tor to .onion,
> since the tor binary knows how to handle .onion. At the moment,
> this is a bit hacky because the software has to connect with tor's
> control port, manually review and process each lookup, rewrite the
> request, and then tell tor to connect it with a circuit. Prop
> 279 is designed to make this much easier and avoid hacky
> solutions.

Hi Jesse,

Yes, I understand that the goal is to provide an abstraction layer for
naming systems that doesn't rely on control port hacks -- and that's
great!  My primary inquiry here is about whether the DNS protocol
might be a better-suited protocol for Tor to use for talking to naming
systems, rather than a Tor-specific protocol as is proposed now.  I
don't hold a strong opinion on this; I'm mostly just curious whether
it was considered, and if so, what led to the decision not to use it.

Cheers,
-- 
-Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmobile at airmail.cc
Mobile PGP: 2158 0643 C13B B40F B0FD 5854 B007 A32D AB44 3D9C
Send non-security-critical things to my Mobile with PGP.
Please don't send me unencrypted messages.
My business email jeremy at veclabs.net is having technical issues at the
moment.

