I think the draft should be adopted. .internal is clearly a special-use domain name. If it isn't a "Special-Use Domain Name" by our current definition, then we should Update that definition in this draft.
Also I wonder if we could use this draft, if adopted, to recommend an insecure delegation for .internal (and any future domains of this kind?) back to the root. internal. 86400 IN NSEC international. NS SOA NSEC internal. 86400 IN SOA a.root-servers.net. ... internal. 86400 IN NS a.root-servers.net. (etc.) The ICANN SSAC report on .internal uses the term "delegate" (etc.) 17 times, but to my reading the usage of this term is informal, or perhaps ICANN-specific, referring to the usual TLD delegation process. This arrangement would help validating stubs to get the behavior that at least some folks here have wished for (stub resolvers can get their recursive resolver's view of .internal without modification), while still preventing registration of names under this TLD and leaving control with ICANN. --Ben [1] https://itp.cdn.icann.org/en/files/security-and-stability-advisory-committee-ssac-reports/sac-113-en.pdf ________________________________ From: Joe Abley <[email protected]> Sent: Thursday, April 17, 2025 11:22 AM To: David Conrad <[email protected]> Cc: Working Group DNSOP <[email protected]> Subject: [DNSOP] Re: [EXTERNAL] Re: Call for Adoption: draft-davies-internal-tld On 17 Apr 2025, at 17:13, David Conrad <[email protected]> wrote: >> On Apr 17, 2025, at 12:39 AM, Joe Abley <[email protected]> wrote: >>> We should not need TLD-specific handling. TLDs in general are and should >>> not be special. >> >> That far off bump on the horizon you see is the ass end of a ship that >> sailed long ago. Just because mistakes have been made in the past doesn't mean we are doomed to repeat them for ever. We are capable of learning. However, I appreciate that mine is a minority view. It's nice that I have an opportunity to express it but I don't have any delusions about changing other people's minds :-) Joe _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
