back to article It's official: Tor's .onion domains must be kept off the public internet

Software is forbidden from using Tor URLs ending in .onion on the public internet following the publication of RFC 7686, which makes the top-level domain a "special use" case. The cyber-veg also joins a very short list of names including .example, .invalid, .local, and .test that will not be added to the internet's root zone …

  1. MrT

    Shrek...

    ... will just have to bid on a .ogre domain then, especially since layer.cake is probably already taken and layer.onion isn't allowed...

    1. Fungus Bob
      Coat

      Re: Shrek...

      Also, layer.cakes don't smell bad and make people cry.

      Mine's the one with parfait in the pocket...

  2. url

    if they'd gone with .tor at the beginning

    just sayin'.

    glad to see the .onion getting official recognition and more importantly, the sec. certs needed.

    Interesting to see .12p being considered.

    1. LucreLout

      Re: if they'd gone with .tor at the beginning

      @url

      Interesting to see .12p being considered.

      Ok, I'm maybe just a luddite, or perhaps just old, but what does 12p signify please? Same for the other extenders listed? It's probably obvious, but I don't use TOR a lot - I just fire it up once in a while and use it for mundane things to add to the noise side of the signal:noise ratio.

      Ordinarily I'd search for it, but as I'm on the corporate network, and have no idea what I'll find, I thought I'd just ask instead.

      1. Ben Tasker

        Re: if they'd gone with .tor at the beginning

        Op made a typo, it should be .i2p

        I2p is another anonymising network, the way it works at the technical level is different to Tor, though at a high level they probably don't look much different

        1. LucreLout

          Re: if they'd gone with .tor at the beginning

          @Ben Tasker

          Thanks for that. The veil of ignorance lifts a little further... Having done a very quick search for I2P, I have something else to add to my evening projects list.

  3. ZSn

    Certificates?

    Out of curiosity how do you go about get certificates for a .onion domain? For some, perhaps such as the Facebook example. However for some of the secure drop one out would be doubtful. For whatever the current silk road site is nowadays I would love to see the application form: hello verisign my name is dread pirate Roberts and I would like to pay in cash, my company err it's just like ebay, honestly...

    1. Ben Tasker

      Re: Certificates?

      At the moment you have to go through extended validation.

      Basically, you probably only want to get a cert when you (as a site operator) don't mind giving up some anonymity in exchange for allowing visitors additional verification that they've reached your site and not a doppelganger

      My personal site is dual homed between Tor and the clearnet, there's no attempt to hide who the operator of the onion is, so I could look at getting a cert for the onion. The main reason I haven't is EV is pricey.

      DPR wouldn't have wanted to sacrifice anonymity and so couldn't have obtained a cert under the current system

  4. Herby

    Then there are other bad things.

    The company I used to work for used "private.lan.com" as an internal example. The problem is that 'lan.com' is for the Chile National Airline.

    Yes, I tried to tell them that, but to no avail.

    1. phuzz Silver badge

      Re: Then there are other bad things.

      The first company I sysadmin'd for used their main domain name (company.co.uk) as the Active Directory domain name, causing much DNS updating every time they wanted to add a new sub domain on the web.

      Currently I'm dealing with a company that uses "domain.lan", but I notice .lan isn't on the reserved list so maybe that'll be a problem down the line.

  5. Anonymous Coward
    Anonymous Coward

    Onion domains?

    You mean men on bicycles in France?

  6. Known Hero

    The service is used by journalists, activists, and criminals, as a way to avoid identification.

    Yes not by everyday people concerned about privacy.

    So unless your a journo, you must be either a Activist skirting the edge of the law or a hardened criminal!

    Wanna throw peedo into that list as well, really make sure we feel guilty for using Tor ?

    1. Pascal Monett Silver badge
      Trollface

      Yes, but the NSA needs to watch everything you do to ensure that your privacy is safeguarded !

      Otherwise the terrorists will win !

    2. phuzz Silver badge
      Pirate

      You're forgetting two other big demographics who use tor, pirates and paranoids.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like