RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 1 record.

Status: Reported (1)

RFC 7686, "The ".onion" Special-Use Domain Name", October 2015

Source of RFC: dnsop (ops)

Errata ID: 6761
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Peter van Dijk
Date Reported: 2021-11-29

Section 2 says:

   5.  Authoritative DNS Servers: Authoritative servers MUST respond to
       queries for .onion with NXDOMAIN.

   6.  DNS Server Operators: Operators MUST NOT configure an
       authoritative DNS server to answer queries for .onion.  If they
       do so, client software is likely to ignore any results (see
       above).

It should say:

   5.  Authoritative DNS Servers: Authoritative servers MUST respond non-authoritatively to
       queries for names in .onion.

   6.  DNS Server Operators: Operators MUST NOT configure an
       authoritative DNS server to answer authoritatively to queries for names in .onion.  If they
       do so, client software is likely to ignore any results (see
       above).

Notes:

The original text for 5 and 6 is conflicting. A name server cannot respond with NXDOMAIN (which is an authoritative answer) without having a zone configured to serve that NXDOMAIN from. Clearly the intent of the text is that clients will not find authoritative answers to .onion queries anywhere in the DNS.

Report New Errata