It was recently announced that .onion domain has been added to the list containing Special-Use Domain Names; this was done with help from the Engineering Task Force organization and Internet-Assigned Numbers Authority who together form part of ICANN. The technology was previously referred to as psdeuo-TLD, and made it possible for .onion domains to be applied on regular web. But now it’s only limited to the Tor network. There’s also possibility that site-specific encryption and use of Internet security certificates will follow.
The level of online anonymity offered has numerous benefits not only to nefarious sites, but also news outlets which take it as a way of secretively gathering information, plus Facebook further uses it to protect accounts from unauthorized breaching.
Official recognition of this domain will help improve online anonymity for web users, by limiting the chances of their IP addresses being detected by other people. In light of these new changes, all applications including proxy servers which implement the Tor protocol must recognize .onion extension as unique by either accessing them straightly, or using proxy to do so. Similarly, those that don’t implement this network will generate a default error upon opening the onion site, they are also advised not to run a DNS checkup as this won’t help in resolving the issue.
As for Libraries and Name Resolution APIs, respondents must either react to access requests by resolving them based on data from NXDOMAIN, also popularly known as tor-rendezvous. Similarly, Caching DNS Servers which may not have been explicitly improvised to interoperate with Tor shouldn’t attempt to check up records for network names, but must rather use NXDOMAIN for such queries. The same applies to Authoritative servers.
The prospects of TLS and SSL certification are important for standardization and wider recognition of Tor, both help give users confidence that the sites they’re dealing with are legit and capable of protecting their online anonymity. Generally, Tor ecosystem will benefit from same levels of security as the rest of the net but with an added layer of safety and online anonymity.