Slashdot Mirror
.Onion Gets a Boost From IETF, IANA: Now It's a Special-Use Domain
An anonymous reader writes: As tweeted by Jacob Appelbaum, the Internet Assigned Numbers Authority
today listed .onion as a special-use domain, and the IETF approved a Draft RFC for the domain describing its intended uses. As described on the Facebook Over Tor page, "Jointly, these actions enable '.onion' as special-use, top-level domain name for which SSL certificates may be issued in accordance with the Certificate-Authority & Browser Forum 'Ballot 144' — which was passed in February this year. ... Together, this assures the validity and future availability of SSL certificates in order to assert and protect the ownership of Onion sites throughout the whole of the Tor network."
Area man pretends to give a shit.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Holy crap, I haven't read TFA of course, but does this mean they have devoted a top-level domain to parody news?
Violence is the last refuge of the incompetent. Polar Scope Align for iOS
Having the host of the .onion be verified in the real world, while keeping their users anonymous is a good thing. You really don't need to know _where_ in the world I am or what my IP address is when I come to your website. You might even be able to track my persona as usual, and serve me "relevant" ads as usual, but with no clue as to who I am or where I come from (unless I tell you), and that's fine too, while I can regenerate my persona (erase cookies and the like) at any point and start over.
What about Terry Wrist? You should get better at infiltration. Thinking everybody might be Terry Wrist and tapping them accordingly is just lazy, and the real Terry Wrist might still get away because you didn't look in the right place.
"Everybody's naked underneath" -- The Doctor
Y'know, a .theonion domain would be really useful: all satire websites could use it, and we could program browsers to add "[THIS IS SATIRE YOU MORON]" whenever my relatives paste a .theonion URL into Facebook.
Y'know, a .theonion domain would be really useful: all satire websites could use it, and we could program browsers to add "[THIS IS SATIRE YOU MORON]" whenever my relatives paste a .theonion URL into Facebook.
Which would immediately ruin all the fun when someone gets Onioned.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
I don't know. Given past situations, people will manage to miss all the signs and post it as fact anyways.
theonion.onion I love it!!!
or is that redundant like slashdot dot org and it should become https://the.onion/ ?
The .onion domain is more geared towards websites run as hidden service so they cannot be identified. If you already use TOR, you can browse regular or hidden service websites anonymously already. The .onion domain protects the hidden service websites from being discovered. For example, SilkRoad ran as a hidden service which made it harder to trace who ran it (but it was eventually discovered by other social engineering means).
That makes SSL for .onion useless. SSL is for authenticating the operator's identity of the website. Why would a website simultaneously choose to be identified and not identified at the same time? That's oxymoron.
I once had a signature.
Last time I checked, the reason you had an SSL certificate issued (as opposed to just generating a private one) was to validate the identity of the website. Services that run on .onion domains do so to remain anonymous.
One can already access "normal" websites through the Tor network, so I am really not sure what the point of all this is. I guess I would assume that if a site operator purchases a ".onion" certificate from a Certificate Authority, they do not understand the reasons for the security model. I would not trust such a site. One could assume that since the site owner's identity has been compromised (by their own volition) that the site itself is also to be untrusted.
In recent elections here in the US, we've been reading of studies showing that the voters who are most knowledgeable about the candidates and the issues are those who follow various satirical news sites. The Daily Show, the Colbert Report, the Onion, and even Wait Wait Don't Tell Me have been named as being highly correlated with informedness. So yes, it makes sense at least minimal sense to have a satire/parody/humor top-level domain.
Of course, Poe's Law applies even here, and we'll continue to see articles posted as fact, even when they're clearly labelled as satire by their URL.
What I'm looking forward to is someone setting up an actual news site there that specializes in stories that really seem like parody or saire, but are actually true. The world has enough such stories to keep at least a small team of journalists busy.
(And I do expect a reply to the above saying "correlation is not causation", so don't disappoint me ...)
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
With the overuse of technical jargon in jumbled sentences that don't really have any meaning, I'm sure the implication in the summary is that .onion is reserved for satire.
"I haven't seen 'The Ride with Jim Anchower' lately. Will that bring it back?" -- Herkimer Q. Phosbot, Sewer Snake Cleaner
if this is supposed to be a new economy, how come they still want my old fashioned money?
Likewise msbnc.onion and cnn.onion :-p
SSL certs do multiple things - protecting your connection, but also demonstrating that you've connected to the destination you thought you did. That destination might be a well-known brand name, or it might be some random person, or it might be some website you don't care who's running it - but you might want to know that the "buy-drugs-here.onion" you're connecting to today is the same "buy-drugs-here.onion" you connected to yesterday. A self-signed cert doesn't always give you that.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Obviously The Onion deserves special handling to make sure their brand name is protected - you wouldn't want to go to a website called "the.onion", find real news stories there, and assume they're fake. Think how badly that could be abused!
But the more interesting part of this story is that IETF and IANA seem to be asserting that they still have some control domain name system, even though ICANN appropriated it for themselves some years ago, and has tried to also control some IANA functions like IPv6 name space. (In case you weren't paying attention back when that happened, there was an "IETF Ad Hoc Committee" trying to expand the Top Level Domain space, and it had gotten as far as proposing an initial set of seven fairly lame TLDs to try out first, and even though the Trademark Gods had been able to have some influence over the IAHC's policies, such as getting them to ask for True Names and Addresses for whois so that trademark suits could be filed, that wasn't enough control for them so they started ICANN to be less responsive to the internet community and more responsive to the Intellectual Property racketeers.)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
How about theonion.onion? Would that be a meta-site for faking fake news, and hiding the people that are thus releasing actual valid information disguised as satire? Sounds like a useful site for the world's whistle blowers ...
(The folks over at theonion.com have been known to "complain" about all the dummies who post their stories as factual new reports. Maybe we could help them out here.)
Those who do study history are doomed to stand helplessly by while everyone else repeats it.