RFC Errata
Found 1 record.
Status: Reported (1)
RFC 7686, "The ".onion" Special-Use Domain Name", October 2015
Source of RFC: dnsop (ops)
Errata ID: 6761
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Peter van Dijk
Date Reported: 2021-11-29
Section 2 says:
5. Authoritative DNS Servers: Authoritative servers MUST respond to queries for .onion with NXDOMAIN. 6. DNS Server Operators: Operators MUST NOT configure an authoritative DNS server to answer queries for .onion. If they do so, client software is likely to ignore any results (see above).
It should say:
5. Authoritative DNS Servers: Authoritative servers MUST respond non-authoritatively to queries for names in .onion. 6. DNS Server Operators: Operators MUST NOT configure an authoritative DNS server to answer authoritatively to queries for names in .onion. If they do so, client software is likely to ignore any results (see above).
Notes:
The original text for 5 and 6 is conflicting. A name server cannot respond with NXDOMAIN (which is an authoritative answer) without having a zone configured to serve that NXDOMAIN from. Clearly the intent of the text is that clients will not find authoritative answers to .onion queries anywhere in the DNS.