[dns-operations] TLD(s) for private use

Suzanne Woolf suzworldwide at gmail.com
Wed Sep 6 16:14:32 UTC 2017


On Sep 6, 2017, at 11:22 AM, Warren Kumari <warren at kumari.net> wrote:

> On Wed, Sep 6, 2017 at 6:31 AM, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
>> Funny, we just had a long discussion in an IETF working group about
>> that :-)
>> 
> 
> ... and just for completeness, it is this document:
> https://tools.ietf.org/html/draft-wkumari-dnsop-internal-00

In fairness, the discussion about special use names has proceeded somewhat sporadically in the DNSOP working group in the IETF for quite a long time now, and Warren's document addresses the specific use case we've been discussing but hardly touches on the full breadth of the topic.

Outcomes of that discussion have also included https://www.ietf.org/id/draft-ietf-dnsop-sutld-ps-08.txt, which attempts to describe the complexities regarding "special use domain names" (and will shortly be published as an Informational RFC). The TL;DR version of the discussion is that there are several use cases for domain names and significant subtleties come out of trying to make them interoperate. 

Some issues are just like the challenges with RFC 1918 IP addresses; some are different, at least in part because people care both about having domain names that are unique within a particular scope, and about which names those are: short strings, or "words," or IDNs. (IP addresses are fixed length and people are usually, although not always, indifferent to which numbers they get, aside from concerns of routability and aggregatability.)

> 
> Note that this might be a horrendous idea, but people have been asking
> for something like this for years, and simply squatting on strings
> (.home, .corp, .mail, .network, .server, etc) because they don't have
> a safe place to do $whatever.

Part of the challenge is that domain names aren't used only in DNS. Another part is that the DNS protocol assumes a global or default context for resolution, so it's hard to indicate what "local" means. 

Endless fun…. :(


Suzanne
> 
>> On Wed, Sep 06, 2017 at 10:28:23AM +0100,
>> James Stevens <James.Stevens at jrcs.co.uk> wrote
>> a message of 26 lines which said:
>> 
>>> Apart from those in RFC-6761, is there any TLD, or format of TLD,
>>> that can be used for private use that is guaranteed never to be
>>> allocated?
>> 
>> No. (Or, to be careful, "not yet".)
>> 
>>> I'm guessing dot-ZZ might fit that criterion, on the basis no country will
>>> ever get it,
>> 
>> I wouldn't be so sure, ISO 3166 does not reserve that code in any way.
>> 
>>> Or is the correct procedure to be using something like
>>> "data.invalid."?
>> 
>> No, the "correct" (or at least recommended) procedure is to use a
>> subdomain of one of your domains. (If you are example.com, use
>> priv.example.com.) One of the reasons for this recommendation is the
>> need for uniqueness (think merging and acquisition, and the problems
>> of people who had to merge RFC-1918 networks.)
>> 
>> _______________________________________________
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> 
> 
> 
> -- 
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>   ---maf




