[cabfpub] .onion and .exit

Ryan Sleevi sleevi at google.com
Thu Oct 23 23:01:02 UTC 2014

My comment was merely that its not permitted under the BRs today, and a
ballot would need to change that.

As Adam notes, it is possible to come up with unique identification
schemes, if the necessary steps are taken first (IANA registration and a BR
ballot among them).

To support a ballot, demonstration of interest from the affected parties
would be needed.
On Oct 23, 2014 3:52 PM, "Adam Langley" <agl at google.com> wrote:

> On Thu, Oct 23, 2014 at 3:11 PM, Jeremy.Rowley
> <jeremy.rowley at digicert.com> wrote:
> > Thanks Ryan.  Adam didn't see as strongly opposed as you are in this
> email.
> > Also, Adam was going to reach out to Tor and get them to provide input.
> Is
> > that still happening?
> I did point them at this thread. I'm guessing that they have lots to
> do I'm afraid.
> Issuing in a non-IANA domain is not to be done lightly and is against
> the Baseline currently. However, I don't agree that this is
> intrinsically the same as internal names since a specific onion
> address does globally, uniquely identify someone. It is something that
> could, plausibly, have a certificate.
> But if .onion is ok, what about all the other pseudo-TLDs that people
> use? If Tor want this then I wonder that they might need to support,
> say, onion.torproject.org in order to root it correctly in IANA space.
> Then it's a change to the Baseline validation rules, which is still a
> one-off hack, but I like Tor so I don't discount it out of hand.
> But without Tor fighting for it I'm not sure that there's much hope.
> Cheers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20141023/a6af4cf2/attachment-0003.html>

More information about the Public mailing list