[dns-operations] TLD(s) for private use

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed Sep 6 11:45:22 UTC 2017

On Wed, Sep 06, 2017 at 12:22:23PM +0100,
 James Stevens <James.Stevens at jrcs.co.uk> wrote 
 a message of 63 lines which said:

> "[25]" is this link ...
> https://web.archive.org/web/20070306080355/http://www.iso.org/iso/en/prods-services/iso3166ma/10faq/frequently-asked-questions.html#Q09

I'm corrected (I hate those "standards" which are not even available

> > No, the "correct" (or at least recommended) procedure is to use a
> > subdomain of one of your domains
> The "fear" I have with this technique is that there is the
> /potential/ for the data to get out into the public domain, as its
> hosted in a publicly accessible TLD.

I don't see why? "Local" or "private" domain names leak, yes, that's a
fact, but it happens whether it is a TLD or not. At least, with a
subdomain, the risk of the full query going to the root is lower. (Of
course, everyone should use QNAME minimisation but it is another

More information about the dns-operations mailing list