Why separate namespaces/TLD's for Tor/I2P are a bad idea

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by biolizard89 »

Why separate namespaces/TLD's for different resolvers are a bad idea

Recently, there have been proposals for separate namespaces/TLD's for different domain resolvers, e.g. tor/, i2p/, and an unspecified namespace for CJDNS. I think this is a poor engineering practice for several reasons. This post will attempt to discuss these issues.

1. Domains which support multiple resolvers should be able to specify all supported resolvers with a single name. This is not theoretical; WikiLeaks' submission system was available at both IPv4 and Onion addresses. Using a single name allows the owner of the name to prove that he/she considers all of the specified resolvers to be trustworthy (otherwise how would a user know that the owner of wikileaks.bit considers wikileaks.tor to be trustworthy?). It also allows domain owners to switch resolvers as necessary (e.g. a user offering an Onion service might later decide to also offer it on I2P). If tor/ and i2p/ were used rather than d/, the aforementioned domain owner would have to register 2 names before even deciding to use 2 resolvers, or else risk a squatter obtaining the 2nd name. (This becomes an even bigger problem if additional namespaces for extra resolvers are introduced later.)

2. The most common argument made in favor of separate namespaces/TLD's is that it is necessary for the user to be able to see which resolver is being used before clicking on a link, or that it is necessary for a web browser to be able to automatically block certain resolvers. The problem with this argument is that it takes a UI issue and tries to solve it as an backend issue. A proxy server such as Convergence or NmcSocks could easily block certain resolvers, and a browser UI add-on could also display which resolvers are used by a particular .bit domain. There is no reason to sacrifice the flexibility of the d/ namespace's backend engineering to fix a UI problem. If doing so were good engineering, then IPv4 and IPv6 would have separate TLD's, as they have similar issues. I don't see anyone suggesting that IPv4 and IPv6 should have separate TLD's.

3. Even if a tor/ namespace were used, it should definitely not use a .tor TLD. Tor is a trademarked name, and The Tor Project would not be pleased if their name were used as a TLD without authorization. I doubt that they would actually sue Namecoin developers over it, but they might generate negative publicity for Namecoin (as they have done for TorMail and TorChat). Ignoring the legal issues, it simply is not ethical to use a TLD such as .tor which will inevitably result in support requests going to the Tor developers instead of Namecoin developers (wasting the time of the Tor developers). For similar reasons, we should not reuse the .i2p and .onion TLD's for Namecoin, as this will generate user confusion and misdirection of support requests. Doing so would also interfere with the I2P and Tor developers if they later decided to use a different method of human-readable names.

4. The ip6 field in the d/ spec should be restricted to addresses that are resolvable without specialized networking software. This means that OnionCat, GarliCat, Phantom, CJDNS, and any other nonstandard IPv6 addresses should be put in their own field in the d/ namespace. While it is theoretically possible for an implementation to ignore specialized IPv6 addresses, doing so complicates the setup and would probably require the implementation to do a lot of extra work, particularly if a domain is resolvable by multiple IPv6 addresses (remember, round-robin balancing needs to be supported by an implementation too). As new specialized IPv6 schemes are introduced, the implementation requirements for using the ip6 field for this purpose become increasingly complex, while using separate fields within the d/ spec remains simple (implementations simply won't be looking for those extra fields unless they want to use them). I imagine that it might be useful, however, for a resolver utility such as NMControl to offer a "getIp6Any" call, which would rely on user settings in NMControl's config file to control which specialized IPv6 address spaces are acceptable. For example, a user could configure NMControl to permit standard IPv6 addresses as well as Phantom and GarliCat addresses, while excluding anything else (e.g. OnionCat and CJDNS); this way the apps which query NMControl would always be given an IPv6 address that the system is capable of resolving while not requiring individual apps to be aware of those resolution systems.

I think these issues should be discussed sooner rather than later. What are your thoughts?
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

moa
Posts: 255
Joined: Mon May 23, 2011 6:13 am

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by moa »

I concur ... all good points.

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by phelix »

biolizard89 wrote:Why separate namespaces/TLD's for different resolvers are a bad idea

Recently, there have been proposals for separate namespaces/TLD's for different domain resolvers, e.g. tor/, i2p/, and an unspecified namespace for CJDNS. I think this is a poor engineering practice for several reasons. This post will attempt to discuss these issues.

1. Domains which support multiple resolvers should be able to specify all supported resolvers with a single name. This is not theoretical; WikiLeaks' submission system was available at both IPv4 and Onion addresses. Using a single name allows the owner of the name to prove that he/she considers all of the specified resolvers to be trustworthy (otherwise how would a user know that the owner of wikileaks.bit considers wikileaks.tor to be trustworthy?). It also allows domain owners to switch resolvers as necessary (e.g. a user offering an Onion service might later decide to also offer it on I2P). If tor/ and i2p/ were used rather than d/, the aforementioned domain owner would have to register 2 names before even deciding to use 2 resolvers, or else risk a squatter obtaining the 2nd name. (This becomes an even bigger problem if additional namespaces for extra resolvers are introduced later.)
Only now do I understand the problem. Website owners might also be forced to register any new namespace and would they come too late people might abuse their name on the other namespaces. So: +1
biolizard89 wrote: 2. The most common argument made in favor of separate namespaces/TLD's is that it is necessary for the user to be able to see which resolver is being used before clicking on a link, or that it is necessary for a web browser to be able to automatically block certain resolvers. The problem with this argument is that it takes a UI issue and tries to solve it as an backend issue. A proxy server such as Convergence or NmcSocks could easily block certain resolvers, and a browser UI add-on could also display which resolvers are used by a particular .bit domain. There is no reason to sacrifice the flexibility of the d/ namespace's backend engineering to fix a UI problem. If doing so were good engineering, then IPv4 and IPv6 would have separate TLD's, as they have similar issues. I don't see anyone suggesting that IPv4 and IPv6 should have separate TLD's.
I still think it is a strong argument. For the end user there is no difference between IPv4 and IPv6 but there might be a huge difference to tor (evil government comes after you or not).
biolizard89 wrote: 3. Even if a tor/ namespace were used, it should definitely not use a .tor TLD. Tor is a trademarked name, and The Tor Project would not be pleased if their name were used as a TLD without authorization. I doubt that they would actually sue Namecoin developers over it, but they might generate negative publicity for Namecoin (as they have done for TorMail and TorChat). Ignoring the legal issues, it simply is not ethical to use a TLD such as .tor which will inevitably result in support requests going to the Tor developers instead of Namecoin developers (wasting the time of the Tor developers). For similar reasons, we should not reuse the .i2p and .onion TLD's for Namecoin, as this will generate user confusion and misdirection of support requests. Doing so would also interfere with the I2P and Tor developers if they later decided to use a different method of human-readable names.
Don't rush to conclusions, let's ask them first. I attended a speech of Dingledine and Appelbaum a while ago and they seemed pretty open towards Bitcoin and putting keys into the blockchain.

IMHO it would be even better to use single letter tlds, .b instead of .bit (as vinced suggested should always work as a fall back), .t for tor and accordingly .i or .2 for .i2p
[/quote]
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by biolizard89 »

phelix wrote:
biolizard89 wrote: 2. The most common argument made in favor of separate namespaces/TLD's is that it is necessary for the user to be able to see which resolver is being used before clicking on a link, or that it is necessary for a web browser to be able to automatically block certain resolvers. The problem with this argument is that it takes a UI issue and tries to solve it as an backend issue. A proxy server such as Convergence or NmcSocks could easily block certain resolvers, and a browser UI add-on could also display which resolvers are used by a particular .bit domain. There is no reason to sacrifice the flexibility of the d/ namespace's backend engineering to fix a UI problem. If doing so were good engineering, then IPv4 and IPv6 would have separate TLD's, as they have similar issues. I don't see anyone suggesting that IPv4 and IPv6 should have separate TLD's.
I still think it is a strong argument. For the end user there is no difference between IPv4 and IPv6 but there might be a huge difference to tor (evil government comes after you or not).
Actually, IPv4 and IPv6 are fairly different in terms of privacy. Many DPI products just let IPv6 traffic through unchecked because they don't know how to parse the protocol. (Roger Dingledine and Jacob Appelbaum stated at the 2012 CCC Congress that no country in the world is currently known to block IPv6 Tor bridges.) Also IPv6 offers better privacy because it allows different connections to use different IP addresses. In any event, I think my point stands that these differences should be resolved at the UI level, not at the backend level. Convergence/NmcSocks/etc should be able to reject certain resolvers based on user preferences. They also should be able to automatically pick a resolver when multiple resolvers are available, based on user preferences (e.g. configure it to prefer Onion, allow I2P, and reject IPv4/IPv6).
phelix wrote:
biolizard89 wrote: 3. Even if a tor/ namespace were used, it should definitely not use a .tor TLD. Tor is a trademarked name, and The Tor Project would not be pleased if their name were used as a TLD without authorization. I doubt that they would actually sue Namecoin developers over it, but they might generate negative publicity for Namecoin (as they have done for TorMail and TorChat). Ignoring the legal issues, it simply is not ethical to use a TLD such as .tor which will inevitably result in support requests going to the Tor developers instead of Namecoin developers (wasting the time of the Tor developers). For similar reasons, we should not reuse the .i2p and .onion TLD's for Namecoin, as this will generate user confusion and misdirection of support requests. Doing so would also interfere with the I2P and Tor developers if they later decided to use a different method of human-readable names.
Don't rush to conclusions, let's ask them first. I attended a speech of Dingledine and Appelbaum a while ago and they seemed pretty open towards Bitcoin and putting keys into the blockchain.

IMHO it would be even better to use single letter tlds, .b instead of .bit (as vinced suggested should always work as a fall back), .t for tor and accordingly .i or .2 for .i2p
I can't picture the Tor people wanting us to use the .tor TLD due to the influx of support requests that would be misdirected. As far as I know they like the idea of TorMail and TorChat, but they're really unhappy about the use of the Tor trademark. Regarding single-letter TLD's... I honestly think .bit is more meaningful than .b. Using .t/.2/.i would solve the trademark issue, but not the other issues (and they are also not very meaningful).
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

virtual_master
Posts: 541
Joined: Mon May 20, 2013 12:03 pm
Contact:

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by virtual_master »

Your argumentation is based on a very high level understanding of networking and that makes it difficult for the most people to argument against it. They are also all valid points but it is focused to much on the service providers and not on the users.
biolizard89 wrote:Why separate namespaces/TLD's for different resolvers are a bad idea
Recently, there have been proposals for separate namespaces/TLD's for different domain resolvers, e.g. tor/, i2p/, and an unspecified namespace for CJDNS. I think this is a poor engineering practice for several reasons. This post will attempt to discuss these issues.
Let me bring some arguments against it.
biolizard89 wrote: 1. Domains which support multiple resolvers should be able to specify all supported resolvers with a single name. This is not theoretical; WikiLeaks' submission system was available at both IPv4 and Onion addresses. Using a single name allows the owner of the name to prove that he/she considers all of the specified resolvers to be trustworthy (otherwise how would a user know that the owner of wikileaks.bit considers wikileaks.tor to be trustworthy?). It also allows domain owners to switch resolvers as necessary (e.g. a user offering an Onion service might later decide to also offer it on I2P). If tor/ and i2p/ were used rather than d/, the aforementioned domain owner would have to register 2 names before even deciding to use 2 resolvers, or else risk a squatter obtaining the 2nd name. (This becomes an even bigger problem if additional namespaces for extra resolvers are introduced later.)
This is a valid point and a separated TLD for tor and I2P probably would bring a little bit more effort for the web service provider.
(at least for the administration/management)
However I am not sure if this one TLD system for multiple resolver wouldn't bring more technical complications even for them which could balance the administrative simplicity of one d/ TLD system. Probably the manager needs to work less but the technicians much more with a single d/ system.
But what is with the users of tor, I2P and usual web services ? They are much more in number than the service providers.
What are the interests of the surfers ? I will list some points on the 2. topic from the users point of view.
biolizard89 wrote: 2. The most common argument made in favor of separate namespaces/TLD's is that it is necessary for the user to be able to see which resolver is being used before clicking on a link, or that it is necessary for a web browser to be able to automatically block certain resolvers. The problem with this argument is that it takes a UI issue and tries to solve it as an backend issue. A proxy server such as Convergence or NmcSocks could easily block certain resolvers, and a browser UI add-on could also display which resolvers are used by a particular .bit domain. There is no reason to sacrifice the flexibility of the d/ namespace's backend engineering to fix a UI problem. If doing so were good engineering, then IPv4 and IPv6 would have separate TLD's, as they have similar issues. I don't see anyone suggesting that IPv4 and IPv6 should have separate TLD's.
This is a very strong argument in favor of the TLD separation. Let me expand it in more details.
- a. I begin with an example. An ordinary user in a country with an oppressive regime is reading sometimes the news from the opposition propagated via tor. He/she clicks on a opposition.bit link which is via tor and is private but forgets to start the browser in a tor environment. The request cannot be solved by the browser but he will be revealed as user of this site by the ISP which is giving the information to the regime and he will be put in jail for 20 years. It could be even worse if a total unaware user will click this link without knowing what it is.
Having opposition.tor the user will know/will be reminded to click this link only in a tor enabled environment.
-b. I am sure the most people have never used Convergence or NmcSocks. I also never used them. For the most people it is complicated enough to browse .bit domains. Now asking them to configure an extra proxy just to know which domain is for tor, I2P and usual it would be to much.
-c. IPv4 or IPv6 is not an issue for an ordinary surfer. He/she can surf them without knowing the difference because both serve the same purpose and they are not hidden services.
biolizard89 wrote: 3. Even if a tor/ namespace were used, it should definitely not use a .tor TLD. Tor is a trademarked name, and The Tor Project would not be pleased if their name were used as a TLD without authorization. I doubt that they would actually sue Namecoin developers over it, but they might generate negative publicity for Namecoin (as they have done for TorMail and TorChat). Ignoring the legal issues, it simply is not ethical to use a TLD such as .tor which will inevitably result in support requests going to the Tor developers instead of Namecoin developers (wasting the time of the Tor developers). For similar reasons, we should not reuse the .i2p and .onion TLD's for Namecoin, as this will generate user confusion and misdirection of support requests. Doing so would also interfere with the I2P and Tor developers if they later decided to use a different method of human-readable names.
I only expand some counterarguments and solutions brought by yourself:
- a. Trademarks
We should ask implementing(or helping on it) for the Tor development team on the tor/ TLDs. If they do it then they gave us automatically their permission. If they refuse it then we should use t/.
The same with I2P i2p/ if they do it or i/ if they do not.
The same if we would ask Google to implement a google/ domain over namecoin. If they do it then they agree.
- b. For the users would be better and more clear to have .tor and .i2p but even using only .t and .i would be much better then using just .bit for it.

Additional considerations:
- .bit resolver should block all tor and i2p addresses otherwise the user preferences would be reveled like 2a with fatal consequences in some cases
- .tor and .i2p (.t or .i) resolving could enable clearnet addresses also which would give more flexibility
opposition.tor could be just a forwarding to opposition.org or an IP but signalling that you should use tor environment if you are in an oppressive country (if you are in a free country than you can click on it and it will be resolved in an ordinary browser also and you have more speed)
- anyway we are lacking of development power so let us ask the Tor and and I2P developers if they are interested to implement .tor and .i2p support over their network
If yes then this separation brings additional advantages having the development tasks in more clear frames.
May be they also bring some arguments in favor or against and we will see more aspects.
http://namecoinia.org/
Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba | NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S

domob
Posts: 1129
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by domob »

This is an interesting discussion. Here's my opinion so far: I agree that using "just" d/ names for all kind of domains makes things easier for the maintainer and seems cleaner from a design perspective (I like the argument that this allows everyone to be sure that really one single entity is in charge of all the different resolvers and encourages them). But on the other hand I also think that different TLDs are a good idea in order to prevent someone from accidentally accessing a .tor link over a clear connection - in my opinion, especially since Namecoin / Tor are tools designed for people in oppressive regimes and other "security critical" applications, it should be possible and easily so to prevent data leakage by all means.

So what about the following suggestion: Store all resolving data just in d/ names, but still allow multiple TLDs like .bit (tries all resolvers), .tor (only resolves via the "onion" field and fails if no such field is given for the name) or .i2p (only resolve over I2P and fail if not possible)? The only argument that still applies to this solution is the one about Tor being trade-marked, but this seems the weakest to me. If it really is a problem (and yes, I can understand that the Tor people may not be happy to have us use .tor without any consent) just kindly ask them about their opinion or use something else like .t.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by phelix »

domob wrote:This is an interesting discussion. Here's my opinion so far: I agree that using "just" d/ names for all kind of domains makes things easier for the maintainer and seems cleaner from a design perspective (I like the argument that this allows everyone to be sure that really one single entity is in charge of all the different resolvers and encourages them). But on the other hand I also think that different TLDs are a good idea in order to prevent someone from accidentally accessing a .tor link over a clear connection - in my opinion, especially since Namecoin / Tor are tools designed for people in oppressive regimes and other "security critical" applications, it should be possible and easily so to prevent data leakage by all means.

So what about the following suggestion: Store all resolving data just in d/ names, but still allow multiple TLDs like .bit (tries all resolvers), .tor (only resolves via the "onion" field and fails if no such field is given for the name) or .i2p (only resolve over I2P and fail if not possible)? The only argument that still applies to this solution is the one about Tor being trade-marked, but this seems the weakest to me. If it really is a problem (and yes, I can understand that the Tor people may not be happy to have us use .tor without any consent) just kindly ask them about their opinion or use something else like .t.
Sounds like a good solution to me.

.bit --> ipv6/ipv4/tor/i2p or personal preference/order via ui
.tor/.t --> tor only
.i2p/.i/.2 --> i2p only
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by biolizard89 »

phelix wrote:
domob wrote:This is an interesting discussion. Here's my opinion so far: I agree that using "just" d/ names for all kind of domains makes things easier for the maintainer and seems cleaner from a design perspective (I like the argument that this allows everyone to be sure that really one single entity is in charge of all the different resolvers and encourages them). But on the other hand I also think that different TLDs are a good idea in order to prevent someone from accidentally accessing a .tor link over a clear connection - in my opinion, especially since Namecoin / Tor are tools designed for people in oppressive regimes and other "security critical" applications, it should be possible and easily so to prevent data leakage by all means.

So what about the following suggestion: Store all resolving data just in d/ names, but still allow multiple TLDs like .bit (tries all resolvers), .tor (only resolves via the "onion" field and fails if no such field is given for the name) or .i2p (only resolve over I2P and fail if not possible)? The only argument that still applies to this solution is the one about Tor being trade-marked, but this seems the weakest to me. If it really is a problem (and yes, I can understand that the Tor people may not be happy to have us use .tor without any consent) just kindly ask them about their opinion or use something else like .t.
Sounds like a good solution to me.

.bit --> ipv6/ipv4/tor/i2p or personal preference/order via ui
.tor/.t --> tor only
.i2p/.i/.2 --> i2p only
This does sound like a good solution. To avoid trademark issues, how about the following:

(All TLD's use the d/ namespace)
.bit: tries all supported resolvers according to user preferences / implementation decision
.bitip: tries IPv4 and IPv6
.bitip4: IPv4 only
.bitip6: IPv6 only
.bittor: Tor only
.biti2p: I2P only
etc. for other resolvers e.g. Phantom, OnionCat, GarliCat, cjdns, etc., if supported by implementation

This yields meaningful/memorable TLD's (single-letter TLD's are hard to attach meaning to), without causing user confusion. TLD's longer than 3 characters are standard already, e.g. ".museum", and various OpenNIC TLD's. While the letters "tor" do appear, when users Google for "bittor" they would get a Namecoin site, not a Tor Project site, and it does not give the impression that it is Tor Project produced software. This is sufficient to avoid trademark infringement. Also, using more than 1 letter gives us clearance to add resolvers later which start with a t/i/p/o/g/c, and not have collisions.

As an aside... any implementation of this should enforce that the onion field's value ends with ".onion"; etc. for other resolvers; otherwise this could be exploited to direct a .bittor address to an IPv4 address.

Thoughts?
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

domob
Posts: 1129
Joined: Mon Jun 24, 2013 11:27 am
Contact:

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by domob »

biolizard89 wrote:(All TLD's use the d/ namespace)
.bit: tries all supported resolvers according to user preferences / implementation decision
.bitip: tries IPv4 and IPv6
.bitip4: IPv4 only
.bitip6: IPv6 only
.bittor: Tor only
.biti2p: I2P only
etc. for other resolvers e.g. Phantom, OnionCat, GarliCat, cjdns, etc., if supported by implementation

This yields meaningful/memorable TLD's (single-letter TLD's are hard to attach meaning to), without causing user confusion. TLD's longer than 3 characters are standard already, e.g. ".museum", and various OpenNIC TLD's. While the letters "tor" do appear, when users Google for "bittor" they would get a Namecoin site, not a Tor Project site, and it does not give the impression that it is Tor Project produced software. This is sufficient to avoid trademark infringement. Also, using more than 1 letter gives us clearance to add resolvers later which start with a t/i/p/o/g/c, and not have collisions.
Sounds good! Alternatively we could use hierarchical domains like ".tor.bit" (where .bit is the "master domain" and .tor is a child zone, like .gv.at is a child TLD to .at), but I think .bittor and co. are clear enough.
biolizard89 wrote:As an aside... any implementation of this should enforce that the onion field's value ends with ".onion"; etc. for other resolvers; otherwise this could be exploited to direct a .bittor address to an IPv4 address.
Absolutely! But I thought this was clear anyway - when I type in some .bittor address, it should never leak any information over clearnet and just fail if there's no valid .onion address supplied in the d/ name or when Tor is not available on my system.
BTC: 1domobKsPZ5cWk2kXssD8p8ES1qffGUCm | NMC: NCdomobcmcmVdxC5yxMitojQ4tvAtv99pY
BM-GtQnWM3vcdorfqpKXsmfHQ4rVYPG5pKS
Use your Namecoin identity as OpenID: https://nameid.org/

virtual_master
Posts: 541
Joined: Mon May 20, 2013 12:03 pm
Contact:

Re: Why separate namespaces/TLD's for Tor/I2P are a bad idea

Post by virtual_master »

1. .bit --> clearnet (ipv6/ipv4 and everything else)
2. .tor/.t --> evrything intended to be seen on tor (a. all .onion addresses and b. may be some clearnet addresses also intended to be seen on tor in an oppressive country)
3. .i2p/.i/.2 --> i2p only
-----------
But I am not sure if 2b wouldn't create confusion and create a negative impression so best would be:
1. .bit --> all clearnet addresses(ipv6/ipv4 and everything else)
2. .tor/.t --> all onion addresses
3. .i2p/.i/.2 --> all i2p addresses
may be additionally
4. .mix -> here can be all mixed and the TLD denomination is suggestive

But as we distance from the most clear (and surfer safe) implementation that could lead to the dismemberment of the namecoin DNS system. (one proxy would interpret in a way, another in a different way)
http://namecoinia.org/
Calendars for free to print: 2014 Calendar in JPG | 2014 Calendar in PDF Protect the Environment with Namecoin: 2014 Calendar in JPG | 2014 Calendar in PDF
BTC: 15KXVQv7UGtUoTe5VNWXT1bMz46MXuePba | NMC: NABFA31b3x7CvhKMxcipUqA3TnKsNfCC7S

Post Reply