[dns-operations] Karl Auerbach on adding 'millions' more TLD - what do folks think about the operational impact?

Douglas Otis dotis at mail-abuse.org
Tue Jan 9 03:05:47 UTC 2007

On Jan 8, 2007, at 2:18 PM, Patrik Fältström wrote:
> On 8 jan 2007, at 23.11, Douglas Otis wrote:
>> Internationalization might have a significant impact on the number  
>> of TLDs, and would be hard to stop.
> 6000 languages times 300 TLDs = more zones than today.

Limiting this to languages where ASCII is problematic reduces this number.
Catering to these languages may invite ACE labels as substitutes for  
existing gTLDs, ccTLDs and SLDs that redirect the application.   
Ideally this translation should take place within the application  
using established conventions.  Without translational conventions at  
the application, a desire to cater to non-ASCII languages may create  
an N factorial expansion of TLDs.  ICANN probably finds itself  
wandering down the road of internationalization to remain relevant.   
One must wonder where this road leads.


The consideration of .xxx sTLD is to categorize adult material of a  
sexual nature.  Web filtering products resolve more than 80  
categories, where .xxx falls within several of these.  Perhaps SLDs  
will further resolve content within this category.  Perhaps .adult  
or .mature is next, as content that is not sexual may upset some  
communities wishing to protect their children.  Will there be
religious TLDs for every faith?  There should be a .zealot TLD for  
me. : )

From a categorization standpoint, an efficient means to report on
domain changes would be helpful.  Zone transfers, even when  
available, introduce a sizable delay.  Such transfers can not be done  
continuously.  When 5% of a large TLD changes daily due to an  
inability to deal with fraudulent transactions, tracking illegal  
activity requires tools that scale with this situation, even if only  
to indicate when a domain is being added or removed.

> Yes, we might be far away from the number of TLDs that can be  
> handled, but the questions for me have always been (1) how do we say
> no to TLD N+1 and (2) why should we create more TLDs, because we can?

There will always be a desire to create more TLDs.  It seems .com has  
demonstrated that the trunk of this tree can become very large and  
still be facilitated.  It is clear the management rules within the  
TLDs are too lax.  There are holding periods for hand guns because  
these items are often used in the commission of crime.  Using the  
same logic, there could also be reporting and a holding period prior  
to the introduction of a new domain under any TLD.  Who can make that  

> Will we get the same size of the root zone as .COM, and how fast? I  
> think we talk about at least the size of the largest 2nd level  
> domain of today. Why should not anyone that has foo.bar today not
> register just foo tomorrow? Was not the idea that the DNS data
> structure should be hierarchical to make caching and the protocol
> more efficient? What happens if the data structure ends up being  
> flat? HOSTS.TXT anyone, with DNS only as the distribution protocol?

The justification for newer TLDs is likely to occur one precedent at  
a time.  Basing TLDs upon geographic location, content, and language  
already has a potential to dramatically increase the number of  
registries.  Tracking these entities requires far better tools however.

> Other difficult questions are, I think, what responsibilities "we"  
> have (for some definition of "we") that a domain name that is  
> registered will always be in DNS even if the registry goes "poof" and
> who should be the registry for a given TLD. And millions of other
> questions of course that have nothing to do with the value of N.

When there is money to be made, it seems likely registries will not  
go away easily.  A more interesting possibility exists that could be  
significantly more difficult to manage.  The next version of Windows  
(with upgrades for XP) introduces a new namespace that does not use
any registry or rely upon DNS.  Routing information returned by this  
new service also routes packets beyond NATs, and tunnels IPv6 over  
IPv4.  As bad as security is, it can be worse.

