Re: ICANN opens up Pandora's Box of new TLDs

• From: Phil Regnauld
• Date: Mon Jun 30 04:53:49 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

Matthew Petach (mpetach) writes:
> If they simply use "smtp" as the hostname, most of the
> current resolver libraries will append the local domain
> name, so that instead of reaching my A record for smtp,
> they'll end up trying to reach smtp.their.domain.

	Actually, that's a good point -- although it will try first with
	the domains specified in the search list first.
	
	So I wouldn't worry too much about this kind of thing.

	But considering the amount of flag waving and "Caution: Wet
	Floor" signs ICANN placed when it rolled out something has
	harmless as the IDN tests in the root, I'm surprised that they
	haven't thought about all the non-FQDNs that will suddenly
	resolve, including all the private TLDs that people use
	internally.  It's bad practice, and isn't recommended anyway,
	but I do expect it will cause many more fun (read: annoying)
	calls to helpdesks of the sort "where did my mail go ?".
	And mail won't be the only thing.

> Will operating system manufacturers release updated
> resolver libraries that no longer assume that single
> token names should have the local domain attached?

	I know a lot of mail clients that won't accept to send
	mail to [email protected], but they certainly will accept [email protected]
	as the outgoing mail name.  Luckily, that will match the
	search list as well first.

> Or should I always ensure that resolvers reach my
> domain explicitly by including the trailing "dot" in
> all uses, so that my email would be given out as
> "[email protected]" in the hopes that everyone would
> correctly remember to add the "." at the end when
> entering my email address into their mail clients?

	A fair number will barf on this (for now).

> Or does the current resolver logic already handle
> these cases (check root, work your way down
> stopping at the first match found; if you run out
> of tokens in the string being resolved, append the
> local domain name to the string and start the process
> over)?

	The other way around.  And if I ping 'dk', my resolver
	stops after "catpipe.net" and my other private domain.
	It doesn't try "dk.", even though dk. has an A record
	associated with it.  I get NXDOMAIN.

> Simply looking to solidify my understanding of how
> these new names would resolve.

	Not too many problems, I think, except for resolver
	libraries that fail to find the name in the domains
	listed in the search list, and continue to '.'.
	
	It's not standard practice though.

	Phil

• Follow-Ups:
  • Re: ICANN opens up Pandora's Box of new TLDs David Conrad

• References:
  • Re: ICANN opens up Pandora's Box of new TLDs Roger Marquis
  • Re: ICANN opens up Pandora's Box of new TLDs Stephane Bortzmeyer
  • Re: ICANN opens up Pandora's Box of new TLDs Matthew Petach

• Prev by Date: Re: DNS and potential energy
• Next by Date: Re: ICANN opens up Pandora's Box of new TLDs
• Date Index
• Thread Index
• Author Index
• Historical