Network Working Group J. Levine
Internet-Draft Taughannock Networks
Intended status: Informational P. Hoffman
Expires: March 21, 2014 Cybersecurity Association
September 17, 2013
Top-Level Domains that Are Already Dotless
draft-hoffine-already-dotless-04
Abstract
Recent statements from the Internet Architecture Board and ICANN's
Security and Stability Advisory Committee have discussed the problems
that the DNS is likely to experience with top-level domains that have
address records in them (so-called "dotless domains"). However,
these statements spoke of the problem mostly as theoretical, when in
fact there are such TLDs today. This document lists the current
dotless TLDs, and gives a script for finding them. This document
lists data about dotless TLDs, but does not address the policy and
technology issues other than to point to the statements of others.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 21, 2014.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Levine & Hoffman Expires March 21, 2014 [Page 1]
�
Internet-Draft Already-Dotless TLDs September 2013
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Current Dotless Domains . . . . . . . . . . . . . . . . . . . 3
2.1. TLDs with A Records . . . . . . . . . . . . . . . . . . . 3
2.2. TLDs with AAAA Records . . . . . . . . . . . . . . . . . 3
2.3. TLDs with MX Records . . . . . . . . . . . . . . . . . . 3
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
4. Security Considerations . . . . . . . . . . . . . . . . . . . 4
5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 4
6. Informative References . . . . . . . . . . . . . . . . . . . 5
Appendix A. Script for Finding Dotless Domains . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6
1. Introduction
In the past few years, well-respected groups have issued documents
about top-level domains in the DNS that have address records in them
(so-called "dotless domains"). The Security and Stability Advisory
Committee (SSAC) of the Internet Corporation for Assigned Names and
Numbers (ICANN) issued a report called "Report on Dotless Domains" in
February, 2012 [SAC053]. The Internet Architecture Board (IAB)
issued a statement called "Dotless Domains Considered Harmful"
[IAB-DOTLESS] in July, 2013. The New gTLD Program Committee of the
ICANN Board of Directors (NGPC) approved a resolution on dotless
domains [NGPC-DOTLESS] in August, 2013. (The authors of this
document note that they are on none of the SSAC, the IAB, nor the
ICANN Board.)
All of these documents consider the effects of dotless domains
without describing the extent of their current deployment. In order
to help researchers determine the extent of the problems with dotless
domains, this document lists the known dotless domains at the time of
publication, and shows how researchers can find them in the future.
In this document, we consider any TLD with an A, AAAA, and/or MX
record at the apex to be dotless. This document is meant to provide
current data to the Internet community, but does not give advice.
Many people have expressed a belief that ICANN prohibits all TLDs
from being dotless. That belief is not true; ICANN's policies apply
only to their contracted TLDs. This document shows the extent to
which dotless domains exist today.
Levine & Hoffman Expires March 21, 2014 [Page 2]
�
Internet-Draft Already-Dotless TLDs September 2013
2. Current Dotless Domains
The following shows the data found on September 3, 2013. The authors
note that the data was fairly constant for many months, with very few
additions or deletions or records.
We checked every TLD in the root zone to see which ones had A, AAAA,
or MX records. We found that about 5% of the TLDs did, and all of
the TLDs that do are two letter TLDs (which are also known as
ccTLDs).
2.1. TLDs with A Records
At the time this document is published, the following TLDs have A
records.
AC has address 193.223.78.210
AI has address 209.59.119.34
CM has address 195.24.205.60
DK has address 193.163.102.24
GG has address 87.117.196.80
IO has address 193.223.78.212
je has address 87.117.196.80
KH has address 203.223.32.21
PN has address 80.68.93.100
SH has address 193.223.78.211
TK has address 217.119.57.22
TM has address 193.223.78.213
TO has address 216.74.32.107
UZ has address 91.212.89.8
VI has address 193.0.0.198
WS has address 64.70.19.33
2.2. TLDs with AAAA Records
At the time this document is published, the following TLD has an AAAA
record.
DK has IPv6 address 2a01:630:0:40:b1a:b1a:2011:1
2.3. TLDs with MX Records
At the time this document is published, the following TLDs have MX
records. The SSAC report implies, but does not explicitly say, that
MX records would cause a TLD to be considered dotless; the IAB report
does not mention MX records at all.
Levine & Hoffman Expires March 21, 2014 [Page 3]
�
Internet-Draft Already-Dotless TLDs September 2013
AI mail is handled by 10 mail.offshore.AI.
AX mail is handled by 5 mail.aland.net.
CF mail is handled by 0 mail.intnet.CF.
DM mail is handled by 10 mail.nic.DM.
GP mail is handled by 10 ns1.worldsatelliteservices.com.
GP mail is handled by 5 ns1.nic.GP.
GT mail is handled by 10 ASPMX.L.GOOGLE.COM.
GT mail is handled by 20 ALT1.ASPMX.L.GOOGLE.COM.
GT mail is handled by 20 ALT2.ASPMX.L.GOOGLE.COM.
GT mail is handled by 30 ASPMX2.GOOGLEMAIL.COM.
GT mail is handled by 30 ASPMX3.GOOGLEMAIL.COM.
GT mail is handled by 30 ASPMX4.GOOGLEMAIL.COM.
GT mail is handled by 30 ASPMX5.GOOGLEMAIL.COM.
HR mail is handled by 5 alpha.carnet.HR.
IO mail is handled by 10 mailer2.IO.
KH mail is handled by 10 ns1.dns.net.KH.
KM mail is handled by 100 mail1.comorestelecom.KM.
LK mail is handled by 10 malithi-slt.nic.LK.
LK mail is handled by 20 malithi-lc.nic.LK.
MQ mail is handled by 10 mx1-mq.mediaserv.net.
PA mail is handled by 5 ns.PA.
TT mail is handled by 10 ALT1.ASPMX.L.GOOGLE.COM.
TT mail is handled by 1 ASPMX.L.GOOGLE.COM.
UA mail is handled by 10 mr.kolo.net.
VA mail is handled by 100 raphaelmx3.posta.VA.
VA mail is handled by 10 raphaelmx1.posta.VA.
VA mail is handled by 10 raphaelmx2.posta.VA.
WS mail is handled by 10 mail.worldsite.WS.
YE mail is handled by 10 mail.yemen.net.YE.
3. IANA Considerations
The script in Appendix A relies on IANA continuing to publish a copy
of the TLDs in the root zone at http://data.iana.org/TLD/tlds-alpha-
by-domain.txt.
4. Security Considerations
This document lists the known dotless domains; it does not express an
opinion whether or not there are security considerations with the
existence of dotless domains. The referenced IAB and SSAC reports
discuss the opinions of the respective bodies on the security and
stability considerations of dotless domains.
5. Acknowledgements
Levine & Hoffman Expires March 21, 2014 [Page 4]
�
Internet-Draft Already-Dotless TLDs September 2013
Andrew Sullivan and Marc Blanchet gave helpful comments on this
document.
6. Informative References
[IAB-DOTLESS]
Internet Architecture Board, "Dotless Domains Considered
Harmful", July 2013, .
[NGPC-DOTLESS]
New gTLD Program Committee of the ICANN BOard, "Approved
Resolution on Dotless Domains", September 2013, .
[SAC053] ICANN Security and Stability Advisory Committee, "SSAC
Report on Dotless Domains", February 2012, .
Appendix A. Script for Finding Dotless Domains
The following Bourne shell script was used for finding the data in
this document. The authors believe that this script will work
correctly on a wide variety of operating systems, and will continue
to do so in the foreseeable future. As is customary in the current
legal environment, the authors make no assurance that the script is
correct or that the script will not cause damage on a system where it
is run.
The script checks each nameserver for each TLD instead of just doing
a simple query because the nameservers for some of the TLDs have
inconsistent data in them with respect to the records shown here.
#! /bin/sh
# Get the current list of TLDs from IANA
wget -O orig.txt http://data.iana.org/TLD/tlds-alpha-by-domain.txt
# Remove the comment at the top of the file
grep -v '^#' orig.txt > TLDs.txt
# Get all the nameservers
while read tld; do host -t NS $tld; done < TLDs.txt > TLD-servers.txt
# Do queries for each record type, and do them on each nameserver
for rec in A AAAA MX; do
while read tld ignorea ignoreb ns; do
host -t $rec $tld. $ns;
done < TLD-servers.txt;
done > all-out.txt
# Print the results
Levine & Hoffman Expires March 21, 2014 [Page 5]
�
Internet-Draft Already-Dotless TLDs September 2013
grep "has address" all-out.txt | sort -uf
grep "has IPv6" all-out.txt | sort -uf
grep "mail is handled" all-out.txt | sort -uf
Authors' Addresses
John Levine
Taughannock Networks
Email: standards@taugh.com
Paul Hoffman
Cybersecurity Association
Email: paul.hoffman@cybersecurity.org
Levine & Hoffman Expires March 21, 2014 [Page 6]