Found 1 record.

Status: Held for Document Update (1)

RFC 7686, "The ".onion" Special-Use Domain Name", October 2015

Errata ID: 6761
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Peter van Dijk
Date Reported: 2021-11-29
Held for Document Update by: Mohamed Boucadair
Date Held: 2025-06-11

Section 2 says:

   5.  Authoritative DNS Servers: Authoritative servers MUST respond to
       queries for .onion with NXDOMAIN.

   6.  DNS Server Operators: Operators MUST NOT configure an
       authoritative DNS server to answer queries for .onion.  If they
       do so, client software is likely to ignore any results (see
       above).

It should say:

   5.  Authoritative DNS Servers: Authoritative servers SHOULD NOT
       recognize .onion names as special and MUST NOT treat queries for
       .onion names differently from other queries.

   6.  DNS Server Operators: Operators MUST NOT configure an
       authoritative DNS server to answer authoritatively to queries for names in .onion.  If they
       do so, client software is likely to ignore any results (see
       above).

Notes:

The original text for 5 and 6 is conflicting. A name server cannot respond with NXDOMAIN (which is an authoritative answer) without having a zone configured to serve that NXDOMAIN from. Clearly the intent of the text is that clients will not find authoritative answers to .onion queries anywhere in the DNS.

===Verifier note

see https://mailarchive.ietf.org/arch/msg/dnsop/S2mQZ83THHjV0z8A2iXAtG8Vrpc/

Report New Errata