Open JeremyRand opened 9 years ago
This is a DNS-imposed constraint. It's not something we can change. Either a DNS server is authoritative or it non-authoritatively expresses a delegation, in which case it can't authoritatively state any records of its own.
You could use DS records to securely delegate and place the TXT records on the nameserver, though.
Should non-DNS address items like tor/i2p/freenet be subject to the suppression rules? If they are not, it is more difficult to represent them by TXT records in DNS bridges. Given what @hlandau and I were discussing about using PowerDNS + Unbound to handle the suppression rules, that would be potentially problematic if I'm not mistaken.
This doesn't apply to "info", which is not an address but instead metadata.
EDIT: To be more specific: let's say that I specify *.example.bit to point to a .onion. PowerDNS+Unbound would correctly infer the IP address for test.example.bit, but if we don't follow the suppression rules for .onion, we would have to throw out PowerDNS's logic for the .onion. If we instead define the .onion to indicate a TXT record, then the wildcard works properly -- at the expense that we can't use both ns and tor for the same name. (SRV would work fine for that use case.)