On Tue, Jul 10, 2012 at 7:24 AM, Karsten Loesing karsten@torproject.org wrote:
On 7/7/12 7:06 PM, Nick Mathewson wrote:
The only part I'm worried about here is that we had once considered doing authenticated hidden services or some other kind of wacky hidden service with a design like "bbbbbbbbb.aaaaaaaaaaaaaaa.onion", where bbbbbbbbb is some additional data to use in the protocol.
Still, we can still do the above proposal and save room to extend the .onion address scheme: just reserve *.x.onion for all x of length other than 16.
From proposal 121, written in December 2007:
"Currently, rend-spec contains the proposition to encode client-side authorization data in the URL, like in x.y.z.onion. This was never used and is also a bad idea, because in case of HTTP the requested URL may be contained in the Host and Referer fields."
Current rend-spec.txt doesn't mention anything like *.*.onion anymore. The way how additional data is provided is by using torrc options, not as part of the URL.
Then I see no reason not to accept this proposal. Does anyone else?