Network Working Group                                          J. Levine
Internet-Draft                                      Taughannock Networks
Intended status: Informational                                P. Hoffman
Expires: April 14, 2014                        Cybersecurity Association
                                                        October 11, 2013

               Top-Level Domains that Are Already Dotless
                    draft-hoffine-already-dotless-05

Abstract

   Recent statements from the Internet Architecture Board and ICANN's
   Security and Stability Advisory Committee have discussed the problems
   that the DNS is likely to experience with top-level domains that have
   address records in them (so-called "dotless domains").  In order to
   help researchers determine the extent of the issues with dotless
   domains, this document lists the current dotless TLDs, and gives a
   script for finding them.  This document lists data about dotless
   TLDs, but does not address the policy and technology issues other
   than to point to the statements of others.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 14, 2014.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Current Dotless Domains
     2.1.  TLDs with A Records
     2.2.  TLDs with AAAA Records
     2.3.  TLDs with MX Records
   3.  IANA Considerations
   4.  Security Considerations
   5.  Acknowledgements
   6.  Informative References
   Appendix A.  Script for Finding Dotless Domains
   Authors' Addresses

1.  Introduction

   In the past few years, well-respected groups have issued documents
   about top-level domains in the DNS that have address records in them
   (so-called "dotless domains").  The Security and Stability Advisory
   Committee (SSAC) of the Internet Corporation for Assigned Names and
   Numbers (ICANN) issued a report called "Report on Dotless Domains" in
   February, 2012 [SAC053].  The Internet Architecture Board (IAB)
   issued a statement called "Dotless Domains Considered Harmful"
   [IAB-DOTLESS] in July, 2013.  The New gTLD Program Committee of the
   ICANN Board of Directors (NGPC) approved a resolution on dotless
   domains [NGPC-DOTLESS] in August, 2013.  (The authors of this
   document note that they are on none of the SSAC, the IAB, nor the
   ICANN Board.)

   All of these documents consider the effects of dotless domains
   without describing the extent of their current deployment.  In order
   to help researchers determine the extent of the problems with dotless
   domains, this document lists the known dotless domains at the time of
   publication, and shows how researchers can find them in the future.
   In this document, we consider any TLD with an A, AAAA, and/or MX
   record at the apex to be dotless.  This document is meant to provide
   current data to the Internet community, but does not give advice.

   Many people have expressed a belief that ICANN prohibits all TLDs
   from being dotless.  That belief is not true; ICANN's policies apply
   only to their contracted TLDs.  This document shows the extent to
   which dotless domains exist today.

2.  Current Dotless Domains

   The following shows the data found on September 3, 2013.  The authors
   note that the data was fairly constant for many months, with very few
   additions or deletions of records.

   We checked every TLD in the root zone to see which ones had A, AAAA,
   or MX records.  We found that about 5% of the TLDs did, and all of
   the TLDs that do are two letter TLDs (which are also known as
   ccTLDs).

2.1.  TLDs with A Records

   At the time this document is published, the following TLDs have A
   records.

   AC has address 193.223.78.210
   AI has address 209.59.119.34
   CM has address 195.24.205.60
   DK has address 193.163.102.24
   GG has address 87.117.196.80
   IO has address 193.223.78.212
   je has address 87.117.196.80
   KH has address 203.223.32.21
   PN has address 80.68.93.100
   SH has address 193.223.78.211
   TK has address 217.119.57.22
   TM has address 193.223.78.213
   TO has address 216.74.32.107
   UZ has address 91.212.89.8
   VI has address 193.0.0.198
   WS has address 64.70.19.33

2.2.  TLDs with AAAA Records

   At the time this document is published, the following TLD has an AAAA
   record.

   DK has IPv6 address 2a01:630:0:40:b1a:b1a:2011:1

2.3.  TLDs with MX Records

   At the time this document is published, the following TLDs have MX
   records.  The SSAC report implies, but does not explicitly say, that
   MX records would cause a TLD to be considered dotless; the IAB report
   does not mention MX records at all.

   AI mail is handled by 10 mail.offshore.AI.
   AX mail is handled by 5 mail.aland.net.
   CF mail is handled by 0 mail.intnet.CF.
   DM mail is handled by 10 mail.nic.DM.
   GP mail is handled by 10 ns1.worldsatelliteservices.com.
   GP mail is handled by 5 ns1.nic.GP.
   GT mail is handled by 10 ASPMX.L.GOOGLE.COM.
   GT mail is handled by 20 ALT1.ASPMX.L.GOOGLE.COM.
   GT mail is handled by 20 ALT2.ASPMX.L.GOOGLE.COM.
   GT mail is handled by 30 ASPMX2.GOOGLEMAIL.COM.
   GT mail is handled by 30 ASPMX3.GOOGLEMAIL.COM.
   GT mail is handled by 30 ASPMX4.GOOGLEMAIL.COM.
   GT mail is handled by 30 ASPMX5.GOOGLEMAIL.COM.
   HR mail is handled by 5 alpha.carnet.HR.
   IO mail is handled by 10 mailer2.IO.
   KH mail is handled by 10 ns1.dns.net.KH.
   KM mail is handled by 100 mail1.comorestelecom.KM.
   LK mail is handled by 10 malithi-slt.nic.LK.
   LK mail is handled by 20 malithi-lc.nic.LK.
   MQ mail is handled by 10 mx1-mq.mediaserv.net.
   PA mail is handled by 5 ns.PA.
   TT mail is handled by 10 ALT1.ASPMX.L.GOOGLE.COM.
   TT mail is handled by 1 ASPMX.L.GOOGLE.COM.
   UA mail is handled by 10 mr.kolo.net.
   VA mail is handled by 100 raphaelmx3.posta.VA.
   VA mail is handled by 10 raphaelmx1.posta.VA.
   VA mail is handled by 10 raphaelmx2.posta.VA.
   WS mail is handled by 10 mail.worldsite.WS.
   YE mail is handled by 10 mail.yemen.net.YE.

3.  IANA Considerations

   The script in Appendix A relies on IANA continuing to publish a copy
   of the TLDs in the root zone at
   http://data.iana.org/TLD/tlds-alpha-by-domain.txt.

4.  Security Considerations

   This document lists the known dotless domains; it does not express an
   opinion whether or not there are security considerations with the
   existence of dotless domains.  The referenced IAB and SSAC reports
   discuss the opinions of the respective bodies on the security and
   stability considerations of dotless domains.

5.  Acknowledgements

   Andrew Sullivan and Marc Blanchet gave helpful comments on this
   document.

6.  Informative References

   [IAB-DOTLESS]
              Internet Architecture Board, "Dotless Domains Considered
              Harmful", July 2013.

   [NGPC-DOTLESS]
              New gTLD Program Committee of the ICANN Board, "Approved
              Resolution on Dotless Domains", September 2013.

   [SAC053]   ICANN Security and Stability Advisory Committee, "SSAC
              Report on Dotless Domains", February 2012.

Appendix A.  Script for Finding Dotless Domains

   The following Bourne shell script was used for finding the data in
   this document.  The authors believe that this script will work
   correctly on a wide variety of operating systems, and will continue
   to do so in the foreseeable future.  As is customary in the current
   legal environment, the authors make no assurance that the script is
   correct or that the script will not cause damage on a system where it
   is run.

   The script checks each nameserver for each TLD instead of just doing
   a simple query because the nameservers for some of the TLDs have
   inconsistent data in them with respect to the records shown here.

   #! /bin/sh
   # Get the current list of TLDs from IANA
   wget -O orig.txt http://data.iana.org/TLD/tlds-alpha-by-domain.txt
   # Remove the comment at the top of the file
   grep -v '^#' orig.txt > TLDs.txt
   # Get all the nameservers
   while read -r tld; do host -t NS "$tld"; done < TLDs.txt > TLD-servers.txt
   # Do queries for each record type, and do them on each nameserver
   for rec in A AAAA MX; do
     while read -r tld ignorea ignoreb ns; do
       host -t "$rec" "$tld." "$ns";
     done < TLD-servers.txt;
   done > all-out.txt
   # Print the results
   grep "has address" all-out.txt | sort -uf
   grep "has IPv6" all-out.txt | sort -uf
   grep "mail is handled" all-out.txt | sort -uf

Authors' Addresses

   John Levine
   Taughannock Networks

   Email: standards@taugh.com

   Paul Hoffman
   Cybersecurity Association

   Email: paul.hoffman@cybersecurity.org
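
Appendix A queries every nameserver because some TLDs' servers hold inconsistent data, but its final grep and sort steps drop which server gave which answer. The following added example (not part of the draft) reads host output that still carries the "Using domain server" headers and reports, per TLD and record type, how many of the queried servers returned the record. The function names and the sample data are constructed for illustration, and the header and "has no ... record" line layouts are assumed to match what host prints when a server is named.

```shell
#!/bin/sh
# Added example (not from the draft): flag apex records that only some of a
# TLD's nameservers return, using the per-server headers in host output.

# Constructed sample, abridged to the header lines the parser uses. XX, YY,
# the nic.example hosts and the 192.0.2.x address are made up.
sample_output() {
cat <<'EOF'
Using domain server:
Name: ns1.nic.example
XX has address 192.0.2.10
Using domain server:
Name: ns2.nic.example
XX has no A record
Using domain server:
Name: ns1.nic.example
YY mail is handled by 10 mail.nic.example.
YY mail is handled by 20 mail2.nic.example.
Using domain server:
Name: ns2.nic.example
yy mail is handled by 10 mail.nic.example.
EOF
}

# Reads host output on stdin; prints "TLD TYPE verdict answered/asked".
dotless_report() {
  awk '
    # Count each (TLD, type, server) once, however many records it returned.
    function note(type, found,   key) {
      key = toupper($1) " " type
      if (!((key, ns) in q)) { q[key, ns] = 1; asked[key]++ }
      if (found && q[key, ns] == 1) { q[key, ns] = 2; yes[key]++ }
    }
    $1 == "Name:"                { ns = tolower($2); next }
    / has address /              { note("A", 1) }
    / has IPv6 address /         { note("AAAA", 1) }
    / mail is handled by /       { note("MX", 1) }
    / has no (A|AAAA|MX) record/ { note($4, 0) }
    END {
      for (key in yes)
        print key, (yes[key] == asked[key] ? "consistent" : "inconsistent"),
              yes[key] "/" asked[key]
    }' | sort
}

sample_output | dotless_report
```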