Network Working Group                                          J. Levine
Internet-Draft                                      Taughannock Networks
Intended status: Informational                                P. Hoffman
Expires: March 06, 2014                        Cybersecurity Association
                                                      September 02, 2013

               Top-Level Domains that Are Already Dotless
                    draft-hoffine-already-dotless-03

Abstract

   Recent statements from the Internet Architecture Board and ICANN's
   Security and Stability Advisory Committee have discussed the problems
   that the DNS is likely to experience with top-level domains that have
   address records in them (so-called "dotless domains"). However,
   these statements spoke of the problem mostly as theoretical, when in
   fact there are such TLDs today. This document lists the current
   dotless TLDs, and gives a script for finding them. This document
   lists data about dotless TLDs, but does not address the policy and
   technology issues other than to point to the statements of others.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 06, 2014.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Current Dotless Domains
     2.1.  TLDs with A Records
     2.2.  TLDs with AAAA Records
     2.3.  TLDs with MX Records
   3.  IANA Considerations
   4.  Security Considerations
   5.  Acknowledgements
   6.  Informative References
   Appendix A.  Script for Finding Dotless Domains
   Authors' Addresses

1.  Introduction

   In the past few years, well-respected groups have issued documents
   about top-level domains in the DNS that have address records in them
   (so-called "dotless domains"). The Security and Stability Advisory
   Committee (SSAC) of the Internet Corporation for Assigned Names and
   Numbers (ICANN) issued a report called "Report on Dotless Domains" in
   February, 2012 [SAC053]. The Internet Architecture Board (IAB)
   issued a statement called "Dotless Domains Considered Harmful"
   [IAB-DOTLESS] in July, 2013. The New gTLD Program Committee of the
   ICANN Board of Directors (NGPC) approved a resolution on dotless
   domains [NGPC-DOTLESS] in August, 2013. (The authors of this
   document note that they are on none of the SSAC, the IAB, or the
   ICANN Board.)

   Both of these documents consider the effects of dotless domains
   without describing the extent of their current deployment. In order
   to help researchers determine the extent of the problems with dotless
   domains, this document lists the known dotless domains at the time of
   publication, and shows how researchers can find them in the future.
   This document is meant to provide current data to the Internet
   community, but does not give advice.

   Many people have expressed a belief that ICANN prohibits all TLDs
   from being dotless. That belief is not true; ICANN's policies apply
   only to their contracted TLDs.

2.  Current Dotless Domains

   The following shows the data found on September XXXXXXXXXXXXXXXXXXXX,
   2013. The authors note that the data was fairly constant for many
   months, with very few additions or deletions of records.

   We checked every TLD in the root zone to see which ones had A, AAAA,
   or MX records. We found that about 5% of the TLDs did, and all of
   the TLDs that do are two letter TLDs (which are also known as
   ccTLDs).

2.1.  TLDs with A Records

   At the time this document is published, the following TLDs have A
   records.

   AC has address 193.223.78.210
   AI has address 209.59.119.34
   CM has address 195.24.205.60
   DK has address 193.163.102.24
   gg has address 87.117.196.80
   IO has address 193.223.78.212
   JE has address 87.117.196.80
   KH has address 203.223.32.21
   PN has address 80.68.93.100
   SH has address 193.223.78.211
   TK has address 217.119.57.22
   TM has address 193.223.78.213
   TO has address 216.74.32.107
   UZ has address 91.212.89.8
   VI has address 193.0.0.198
   WS has address 64.70.19.33

2.2.  TLDs with AAAA Records

   At the time this document is published, the following TLD has an AAAA
   record.

   DK has IPv6 address 2a01:630::40:b1a:b1a:2011:1

2.3.  TLDs with MX Records

   At the time this document is published, the following TLDs have MX
   records. The SSAC report implies, but does not explicitly say, that
   MX records would cause a TLD to be considered dotless; the IAB report
   does not mention MX records at all.

   AI mail is handled by 10 mail.offshore.AI.
   AX mail is handled by 5 mail.aland.net.
   CF mail is handled by 0 mail.intnet.CF.
   DM mail is handled by 10 mail.nic.DM.
   GP mail is handled by 10 ns1.worldsatelliteservices.com.
   GP mail is handled by 5 ns1.nic.GP.
   GT mail is handled by 10 ASPMX.L.GOOGLE.COM.
   GT mail is handled by 20 ALT1.ASPMX.L.GOOGLE.COM.
   GT mail is handled by 20 ALT2.ASPMX.L.GOOGLE.COM.
   GT mail is handled by 30 ASPMX2.GOOGLEMAIL.COM.
   GT mail is handled by 30 ASPMX3.GOOGLEMAIL.COM.
   GT mail is handled by 30 ASPMX4.GOOGLEMAIL.COM.
   GT mail is handled by 30 ASPMX5.GOOGLEMAIL.COM.
   HR mail is handled by 5 alpha.carnet.HR.
   IO mail is handled by 10 mailer2.IO.
   KH mail is handled by 10 ns1.dns.net.KH.
   KM mail is handled by 100 mail1.comorestelecom.KM.
   LK mail is handled by 10 malithi-slt.nic.LK.
   LK mail is handled by 20 malithi-lc.nic.LK.
   MQ mail is handled by 10 mx1-mq.mediaserv.net.
   PA mail is handled by 5 ns.PA.
   TT mail is handled by 1 ASPMX.L.GOOGLE.COM.
   TT mail is handled by 10 ALT1.ASPMX.L.GOOGLE.COM.
   UA mail is handled by 10 mr.kolo.net.
   VA mail is handled by 10 raphaelmx1.posta.VA.
   VA mail is handled by 10 raphaelmx2.posta.VA.
   VA mail is handled by 100 raphaelmx3.posta.VA.
   WS mail is handled by 10 mail.worldsite.WS.
   YE mail is handled by 10 mail.yemen.net.YE.

3.  IANA Considerations

   The script in Appendix A relies on IANA continuing to publish a copy
   of the TLDs in the root zone at
   http://data.iana.org/TLD/tlds-alpha-by-domain.txt.

4.  Security Considerations

   This document lists the known dotless domains; it does not express an
   opinion whether or not there are security considerations with the
   existence of dotless domains. The referenced IAB and SSAC reports
   discuss the opinions of the respective bodies on the security and
   stability considerations of dotless domains.

5.  Acknowledgements

   Andrew Sullivan and Marc Blanchet gave helpful comments on this
   document.

6.  Informative References

   [IAB-DOTLESS]
              Internet Architecture Board, "Dotless Domains Considered
              Harmful", July 2013.

   [NGPC-DOTLESS]
              New gTLD Program Committee of the ICANN Board, "Approved
              Resolution on Dotless Domains", September 2013.

   [SAC053]   ICANN Security and Stability Advisory Committee, "SSAC
              Report on Dotless Domains", February 2012.

Appendix A.  Script for Finding Dotless Domains

   The following Bourne shell script was used for finding the data in
   this document. The authors believe that this script will work
   correctly on a wide variety of operating systems, and will continue
   to do so in the foreseeable future. As is customary in the current
   legal environment, the authors make no assurance that the script is
   correct or that the script will not cause damage on a system where it
   is run.

   The script checks each nameserver for each TLD instead of just doing
   a simple query because the nameservers for some of the TLDs have
   inconsistent data in them with respect to the records shown here.

   #! /bin/sh
   # Get the current list of TLDs from IANA
   wget -O orig.txt http://data.iana.org/TLD/tlds-alpha-by-domain.txt
   # Remove the comment at the top of the file
   grep -v '^#' orig.txt > TLDs.txt
   # Get all the nameservers
   while read tld; do host -t NS $tld; done < TLDs.txt > TLD-servers.txt
   # Do queries for each record type, and do them on each nameserver
   for rec in A AAAA MX; do
     while read tld ignorea ignoreb ns; do
       host -t $rec $tld. $ns;
     done < TLD-servers.txt;
   done > all-out.txt
   # Print the results
   grep "has address" all-out.txt | sort -uf
   grep "has IPv6" all-out.txt | sort -uf
   grep "mail is handled" all-out.txt | sort -uf

Authors' Addresses

   John Levine
   Taughannock Networks

   Email: standards@taugh.com

   Paul Hoffman
   Cybersecurity Association

   Email: paul.hoffman@cybersecurity.org
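
Added example, not part of the draft or the authors' script: Appendix A says the nameservers for some TLDs hold inconsistent data, and the script's final "sort -uf" merges the answers so that disagreement is no longer visible. The function below reads the per-nameserver host output and reports how many of the queried servers returned each record. The "Name:" header and "has no ... record" lines are assumed from the usual host output format; the TLDs XA and XB, the server names and the addresses are constructed.

```shell
# Constructed sample for two hypothetical TLDs (XA, XB); RFC 5737 addresses.
sample_output() {
cat <<'EOF'
Using domain server:
Name: ns1.nic.example
Address: 192.0.2.53#53
Aliases:

XA has address 192.0.2.10
Using domain server:
Name: ns2.nic.example
Address: 192.0.2.54#53
Aliases:

xa has no A record
Using domain server:
Name: ns1.nic.example
Address: 192.0.2.53#53
Aliases:

XB mail is handled by 10 mail.nic.example.
EOF
}

# Read `host` output on stdin; print "TLD TYPE DATA got/asked verdict".
dotless_report() {
    awk '
    function asked_ns(tld, type,   k) {      # count each server once per TLD/type
        k = toupper(tld) " " type
        if (!((k, ns) in asked)) { asked[k, ns] = 1; nasked[k]++ }
        return k
    }
    function note(tld, type, data,   k, r) { # count servers returning this record
        k = asked_ns(tld, type); r = k " " data
        if (!((r, ns) in got)) { got[r, ns] = 1; ngot[r]++; key[r] = k }
    }
    $1 == "Name:"                { ns = tolower($2); next }
    / has address /              { note($1, "A", $4); next }
    / has IPv6 address /         { note($1, "AAAA", tolower($5)); next }
    / mail is handled by /       { note($1, "MX", tolower($7)); next }
    / has no (A|AAAA|MX) record/ { asked_ns($1, $4) }
    END {
        for (r in ngot)
            print r, ngot[r] "/" nasked[key[r]], \
                (ngot[r] == nasked[key[r]] ? "consistent" : "inconsistent")
    }' | sort
}

sample_output | dotless_report
```

On real data, feed it the all-out.txt file that the Appendix A script writes: dotless_report < all-out.txt.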