Discussion:
[tor-dev] Doesn't hidden services break RFC 3986?
Ryan Carboni
2017-08-14 00:06:20 UTC
Permalink
https://tools.ietf.org/html/rfc3986#section-3
By placing the scheme within the authority as a tld while using the same
authority as the HTTP specification, this probably breaks RFC 3986 and
maybe others.

I might be a bit late in saying this.
Andreas Krey
2017-08-14 07:53:38 UTC
Permalink
Post by Ryan Carboni
https://tools.ietf.org/html/rfc3986#section-3
By placing the scheme within the authority as a tld while using the same
authority as the HTTP specification, this probably breaks RFC 3986 and
maybe others.
RFC7686 deals with that.

Andreas
--
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
Alec Muffett
2017-08-14 07:56:37 UTC
Permalink
Also: just because it's HTTP/S running over a different network stack,
doesn't make it a new scheme.

Just because your dinner arrives on a different plate doesn't mean the
recipe has changed. :-)
Post by Andreas Krey
Post by Ryan Carboni
https://tools.ietf.org/html/rfc3986#section-3
By placing the scheme within the authority as a tld while using the same
authority as the HTTP specification, this probably breaks RFC 3986 and
maybe others.
RFC7686 deals with that.
Andreas
--
"Totally trivial. Famous last words."
Date: Fri, 22 Jan 2010 07:29:21 -0800
_______________________________________________
tor-dev mailing list
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Ryan Carboni
2017-08-14 17:18:31 UTC
Permalink
Also: just because it's HTTP/S running over a different network stack,
doesn't make it a new scheme.

Just because your dinner arrives on a different plate doesn't mean the
recipe has changed. :-)

---

https://bugzilla.mozilla.org/show_bug.cgi?id=1228457

Tor is a strange sort of sacred cow

highly revered

leaks much methane

But RFC 7686 literally bent over backwards to rewrite multiple standards
because Tor was long existing. ".onion" shouldn't be resolved or sent over
the internet.
Sure, IP multicast had to be implemented, but its relevance to people not
replacing analog technologies isn't particularly great, and those are
corporations who make billions combined per year.

But uh yes. Only the plate changed. But internet standards are very clear
on plate specifications. Or rather, "authority" lookup. The dinnerware
request protocol is pretty clear on this, with other protocols providing
for saran-wrap or foil-wrap encapsulation, with their own provisions for
exterior labeling.

(or if there was a new way to link to torrent hashes, do you think it
should be "torrent://hash/" or "hash.torrent"?)

Although, if you guys really want to risk your government funding, I
suggest $10,000 bug bounties out of a fund sized large enough to hire a
single programmer (assuming there's a risk that you'll have more than a
dozen severe bugs). To make things more difficult for the NSA, make it
clear that there is no requirement for a cyber arms seller to stay bought
by one person. Or propagate a meme that a cyber arms seller could sell the
idea of an exploit to another cyber arms seller to write a new exploit for
the same bug. Force folks like zerodium to pay twice.


or uh "Make the enemy live up to its own book of rules."

But who is your enemy?

Loading...