On Tue, 11 Nov 2008 17:14:30 +0100, <Ray.Bellis at nominet.org.uk> wrote:
What I am interested in is whether or not example.co.uk and co.uk are administrated by different entities, and where the separation occur, andthat that change in administration signifies that any x.co.uk andy.co.ukare not considered part of the same domain, but separate domains, andthatas a consequence a.x.co.uk, b.x.co.uk, and x.co.uk are in the samedomainand under the same administrator. To put it in a different way: What the suggested specification file distributes is the vertical boundary separating domains actingeffectivelyas TLDs (e.g. co.uk) and domains that are not acting as TLDs (example.co.uk). I have been calling these TLD-like domains "subTLDs",butothers are calling them "Effective TLDs", "public suffixes" or "registry-like domains", and yet others call a domain immediately below such domains a "Base domain".Yngve It's not at all clear to me if your draft has any solution for the many unofficial "registry-like domains" that exist, particularly if your protocol expects each TLD to know about each and every such domain that might exist within its namespace.For example, I happen to know that 'demon.co.uk' has a separate sub-domainfor each customer, and should probably therefore be included in your list - it's "registry-like". However there's a (large?) unknown number of similar domains that I don't know about.
I am aware of the problem, and mention it in my original article on the subject: http://my.opera.com/yngve/blog/show.dml/267415
Any kind of shared hosting within a domain will have this kind of problem (in fact you have a similar problem for paths in same-host hosting); my cookie-v2 draft suggestions is really the best way to handle them (it does not permit distribution to parent domains); but as such within the demon.co.uk domain the situation is not any worse than it would be currently if they had used demon.com instead of demon.co.uk. I am aware that a couple of similar ones can exist in
AFAICT there are two basic ways to handle such a situation:One is to let such domain owners register through their TLD to be listed in their database as a registry-like domain (or in cases such as PublicSuffix.org, submit a patch to them)
The other require a form of policy document that can be posted at a well-known location within the domain. It might use a variant of the format my subtld draft defines, or something else (although I see no real reason it should be significantly different). This would be somewhat similar to the full P3P policy file. This might particularly be useful for large organizations, like universities, or corporations, to limit "cross-departemental" impact.
-- Sincerely, Yngve N. Pettersen ******************************************************************** Senior Developer Email: yngve at opera.com Opera Software ASA http://www.opera.com/ Phone: +47 24 16 42 60 Fax: +47 24 16 40 01 ******************************************************************** _______________________________________________ DNSOP mailing list DNSOP at ietf.org https://www.ietf.org/mailman/listinfo/dnsop