Google on dotless domains [was Re: IAB Statement on Dotless Domains]

2013-07-23 Thread Thomas Narten
 Google is pushing for dotless-dot-search, so you can guarantee it will 
 work in chromium (with or without ICANN's blessing).

Here is what a Google employee actually said about Google and dotless
domains at last week's ICANN public forum in Durban:

JORDYN BUCHANAN: HELLO. I'M JORDYN BUCHANAN WITH GOOGLE. I'D LIKE TO
 MAKE SOME OF THE SSR CONVERSATIONS WE'VE HAD TODAY A LITTLE MORE
 CONCRETE AT LEAST WITH A COUPLE EXAMPLES THAT WE'RE HAPPY TO
 DISCUSS AS AN APPLICANT FOR NEW gTLDs.  FIRST, I'D LIKE TO VERY
 BRIEFLY ADDRESS DOTLESS TLDS. AS PEOPLE MAY KNOW, WE HAVE SUBMITTED
 AN APPLICATION AMENDMENT FOR OUR DOT SEARCH TLD THAT DOES INCLUDE A
 REGISTRY SERVICE THAT INCLUDES DOTLESS AND A DOTLESS ELEMENT.  WE
 FULLY EXPECT -- AND I UNDERSTAND THAT THE GUIDEBOOK PROVIDES THAT
 IF AN APPLICANT PROPOSES TO OPERATE A DOTLESS SERVICE, THAT THERE
 WILL BE ADDITIONAL SCRUTINY AND THAT ICANN WILL REVIEW THAT PROCESS
 AND MAKE SURE THAT ANY SECURITY CONCERNS ARE MITIGATED. WE
 APPRECIATE THAT THERE ARE POTENTIAL SSR CONCERNS AND WE ARE
 DELIGHTED THAT ICANN WILL FULLY REVIEW THAT BEFORE DECIDING WHETHER
 OR NOT TO ALLOW THAT SERVICE TO BE OPERATED. WE DO NOT INTEND TO
 BYPASS THE PROCESS OR OTHERWISE HAVE OUR AMENDMENT APPROVED PRIOR
 TO THE FULL EVALUATION OF THE PROPOSED SERVICE.  SECOND, I'D LIKE
 TO POINT OUT WE ARE -- WE'RE THE APPLICANT FOR DOT ADS. IT HAS A
 LOW PRIORITY NUMBER, 392.  IT'S UNCONTENDED. THERE ARE NO
 OBJECTIONS. I EXPECT THAT UNDER NORMAL CIRCUMSTANCES, WE MIGHT BE
 ABLE TO START TO OPERATE IT IN THE RELATIVELY NEAR FUTURE, BUT IT'S
 NOT QUITE NORMAL CIRCUMSTANCES. BECAUSE IT ALSO APPEARS ON THE TOP
 HANDFUL OF POTENTIAL NAME COLLISIONS IDENTIFIED IN THE INTERISLE
 REPORT OR AT LEAST THE PREVIEW OF IT THAT WE'VE SEEN. TO THAT
 EXTENT I'M HERE TO COMMIT TODAY WE'RE NOT GOING TO OPERATE DOT ADS
 PRIOR TO A FULL EVALUATION OF ANY POTENTIAL SECURITY
 INTERACTIONS. WE'D LOVE TO TALK TO AMY AND OTHERS IN THE
 COMMUNITY THAT MAY HAVE ISSUES AND WE'LL START TO WORK ON
 MITIGATION NOW. WE HAVE A CONCRETE EXAMPLE, LET'S START TO WORK ON
 THE PROCESS AND MAKE SURE THAT BY THE TIME WE GET TO THE POINT THAT
 WE'RE READY TO START TO WORK THROUGH SOME OF THE OTHER TLDS THAT
 OTHER PEOPLE OPERATE OR ARE CONTENDED WE WORK THROUGH THIS
 ISSUE. WE WON'T DELEGATE IT UNTIL IT'S SOLVED.

[ APPLAUSE. ]

CHERINE CHALABY: THANK YOU, JORDYN. ANYONE WISH TO COMMENT ON
JORDYN'S -- FADI.

FADI CHEHADE: YEAH, JORDYN, JUST TO SAY THANK YOU FOR THE
RESPONSIBLE APPROACH YOU'RE TAKING AND GOOGLE IS TAKING HERE. IT'S
APPRECIATED. AND I THINK EVEN AMY AND OTHERS WOULD APPRECIATE THE
WAY WE ARE DEALING WITH THESE POTENTIAL ISSUES. SO REALLY, THAT'S
THE WAY I HOPE ALL OF US WILL COOPERATE TO ADDRESS THESE ISSUES AS A
COMMUNITY. THANK YOU FOR THAT.

CHERINE CHALABY: THANK YOU, FADI. NEXT SPEAKER, PLEASE.





Re: Re: IAB Statement on Dotless Domains

2013-07-15 Thread Jiankang Yao
I submitted a draft related to this issue last year.

http://tools.ietf.org/html/draft-yao-dnsop-tld-names-00  


In this draft, I called these kinds of names TLD names instead of dotless 
domains.




Jiankang Yao

From: Dave Crocker
Date: 2013-07-11 05:39
To: ietf
CC: IETF Discussion
Subject: Re: IAB Statement on Dotless Domains
On 7/10/2013 11:59 AM, Russ Housley wrote:
 The IAB has made a statement on dotless domains.  You can find this statement 
 here:
 http://www.iab.org/documents/correspondence-reports-documents/2013-2/iab-statement-dotless-domains-considered-harmful/


It's unfortunate that the IAB did not choose to circulate a draft before 
releasing the Statement.  The Statement could have been made a bit 
stronger in the concern it expresses.

There's been a separate discussion on the SMTP mailing list about the 
ICANN SSAC report on the topic of dotless domains.

The report correctly notes that there are also email barriers to the use 
of dotless domains.

The report incorrectly attributes these to the email standards, which do 
not prohibit the use.  (To be fair the format standard RFC 2822, which 
was in force for a number of years, did have the prohibition, but 
neither its predecessor nor its successor -- the current standard 
RFC5322 -- carry the limitation.)

Rather, the SMTP mailing list confirmed common software implementation 
barriers, sometimes due to the DNS-related stricture.

More interesting were other concerns about possible attacks and 
configuration errors.  The example of localhost was cited.

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net

Re: IAB Statement on Dotless Domains

2013-07-14 Thread Dave Crocker



Reading some of this discussion leaves me puzzled because I can't tell
which things that some people are saying are intended to be about
dotless use of domains, or are intended to be about the expansion of
top level domains in general.



Yes, they should be treated as entirely separate topics.


My own comments are only about the technical and operational assessment 
of using dotless domains; I'm not commenting on any policy or political 
issues:


 Dotless domain names have roughly 30 years of standards, software 
and operations practice working against them.  They have always been 
treated either as an error or as a short-form to possible alternatives.


 Moving an extremely well-established installed base of perhaps 
hundreds of independent software implementations, thousands of different 
independent operational environments, and billions of users from 
treating dotless names one way to another should be seen as an 
impossible task.


d/


--
Dave Crocker
Brandenburg InternetWorking
bbiw.net


Re: IAB Statement on Dotless Domains

2013-07-14 Thread Doug Barton

On 07/12/2013 02:40 PM, John R Levine wrote:


Point your browser at http://dk/ or http://tm/ and see what happens.


As John points out, the ccTLDs are already doing this. ICANN has no 
authority to tell the ccTLDs NOT to do it, thus restricting the gTLDs 
from doing it (via their contract with ICANN) would arguably be unfair 
in any number of parameters, including (possibly) legal ones.


It is unarguably true that as things currently stand there will be 
problems with dotless domains. How widespread, and how serious those 
problems become is yet to be seen. However it is also unarguably true 
that if there is sufficient market demand for dotless domains the 
software folks, at both the OS and application levels, will make them 
work. [1]


So either this is a good idea that will gain traction, and therefore 
appropriate software support; or it is a bad idea that will go away on 
its own. Either way, making a fuss about the hoofprints after the horse 
has already left the barn doesn't help the situation.


Doug

[1] http://publicsuffix.org/ (for an arguably pathological definition of 
something that works in this space)


Re: IAB Statement on Dotless Domains

2013-07-14 Thread Dave Crocker

On 7/14/2013 8:14 PM, Doug Barton wrote:

It is unarguably true that as things currently stand there will be
problems with dotless domains. How widespread, and how serious those
problems become is yet to be seen. However it is also unarguably true
that if there is sufficient market demand for dotless domains the
software folks, at both the OS and application levels, will make them
work. [1]



The effects of your putting your hand into a fire are yet to be seen. 
However we have enough knowledge of things to be able to assess likely 
outcomes quite accurately.


In contrast, assertions about market demand ensuring that software 
folks... will make them work rests on a fuzzy concept of market forces 
-- for example, the market of users isn't likely to be issuing a formal 
or informal 'demand' about any of this, and a model of altering 
installed-base behavior that, I believe, has no historical precedent.


It is, in fact, possible that Marshall Rose was wrong and that for some 
things, there is no possible thrust sufficient to make pigs fly, or at 
least not without killing an extraordinary number of other pigs.


d/

--
Dave Crocker
Brandenburg InternetWorking
bbiw.net


Re: IAB Statement on Dotless Domains

2013-07-14 Thread Doug Barton

On 07/14/2013 08:25 PM, Dave Crocker wrote:

On 7/14/2013 8:14 PM, Doug Barton wrote:

It is unarguably true that as things currently stand there will be
problems with dotless domains. How widespread, and how serious those
problems become is yet to be seen. However it is also unarguably true
that if there is sufficient market demand for dotless domains the
software folks, at both the OS and application levels, will make them
work. [1]



The effects of your putting your hand into a fire are yet to be seen.
However we have enough knowledge of things to be able to assess likely
outcomes quite accurately.


And correspondingly we have a lot of knowledge about what is likely to 
happen with dotless domains, at least in the early stages. Brian already 
pointed out that the overwhelming majority of end-user hosts have either 
a default domain, or a search string configured. Thus for the most part 
dotless domains will (again, in the early stages) be an annoyance, at 
worst.


There will be some pathological cases where various people/enterprises 
have been doing things that they have been told for years not to do 
(hijacking unused TLDs) who will have some pain. I have no sympathy 
for them.


Part of the annoyance will be that users will have an inconsistent 
experience. That's been true of the Internet for years, depending on 
your software, local configuration, etc. So again, nothing to see here.



In contrast, assertions about market demand ensuring that software
folks... will make them work rests on a fuzzy concept of market forces
-- for example, the market of users isn't likely to be issuing a formal
or informal 'demand' about any of this,


If you believe that's what I meant by market forces I'm not the one 
with the fuzzy concept. :)


Google is pushing for dotless-dot-search, so you can guarantee it will 
work in chromium (with or without ICANN's blessing). If sufficient 
$CURRENCY (or other currency-like motivation) is thrust in the direction 
of other browser vendors they will follow suit. The fact that it works 
in the browser will encourage other software vendors to adapt.


... or not. I don't think it's impossible that this will fail. I don't 
even think it's impossible that it will fail in a spectacular manner. 
What I know it is impossible to do is prevent it from happening.



and a model of altering
installed-base behavior that, I believe, has no historical precedent.


I find your lack of faith ... disturbing.


It is, in fact, possible that Marshall Rose was wrong and that for some
things, there is no possible thrust sufficient to make pigs fly, or at
least not without killing an extraordinary number of other pigs.


For the record I am not in favor of harm coming to any bovine, 
regardless of altitude.


Doug (get it? thrust? see what I did there?)



Re: where's the data, was IAB Statement on Dotless Domains

2013-07-14 Thread John Levine
In article 51e368f9.70...@dougbarton.us you write:
On 07/12/2013 02:40 PM, John R Levine wrote:

 Point your browser at http://dk/ or http://tm/ and see what happens.

As John points out, the ccTLDs are already doing this. ICANN has no 
authority to tell the ccTLDs NOT to do it, thus restricting the gTLDs 
from doing it (via their contract with ICANN) would arguably be unfair 
in any number of parameters, including (possibly) legal ones.

No, you completely misunderstand my point.

If you try out the existing dotless TLDs, you will find out that they
sort of work for web pages, only because very few sites have hosts
named dk or ai, and mail to them works very badly if at all.  So
there is some actual data we could cite about how badly they work, to
support the hand waving in all the anti-dotless documents to date.

It's silly to think that fairness between ccTLDS and gTLDs matters
at all.  For one thing, gTLDs have for over a decade followed rules
that don't apply to ccTLDs, such as accepting registrations only
indirectly, and publishing WHOIS about all registered names.  For
another, anyone who's looked through the new TLD applicant guidebook
would know that every applicant has agreed to page after page of legal
releases in ICANN's favor, and that dotless domains are specifically
forbidden without a waiver from ICANN, which ICANN can grant or not at
its discretion.

The only reason this has come up is that one (1) of the 1900 new TLD
applications has asked for a waiver to do a dotless domain, and that
applicant happens to be Google applying for .SEARCH.  ICANN can just
say no.  Or they might not even have to, since Google's is only one of
four competing applicants for .SEARCH, and there is no reason to
assume that they would necessarily be the winner at the end of the
negotiations.

R's,
John


Re: IAB Statement on Dotless Domains

2013-07-13 Thread Livingood, Jason
There must be something similar to Godwin's Law whereby any IETF discussion can 
devolve into a debate over NAT. ;-)

Jason

On 7/12/13 10:13 AM, Phillip Hallam-Baker hal...@gmail.com wrote:

Keith, read my words, I choose them more carefully than you imagine.

solves their problems at negligible cost TO THEM
What part of that do you disagree with? I don't dispute the fact that NAT is a 
suboptimal solution if we look at the system as a whole. But the reason I 
deployed NAT in my house was that Roadrunner wanted $10 extra per month for 
every device I connected to a maximum of 4. I have over 200 IP enabled devices 
in my house.



Re: IAB Statement on Dotless Domains

2013-07-13 Thread Dave Crocker

On 7/13/2013 7:25 AM, Livingood, Jason wrote:

There must be something similar to Godwin's Law whereby any IETF
discussion can devolve into a debate over NAT. ;-)



It's not devolution, it's translation into our private context.

d/


--
Dave Crocker
Brandenburg InternetWorking
bbiw.net


Re: IAB Statement on Dotless Domains

2013-07-13 Thread Livingood, Jason
On 7/12/13 12:24 PM, Phillip Hallam-Baker hal...@gmail.com wrote:
Unfortunately the IAB is not going to give that advice. They seem to have 
passed on advising ICANN not to issue .corp which is going to be a total 
security meltdown.

The report at http://www.icann.org/en/groups/ssac/documents/sac-057-en.pdf is 
relevant here (though obviously it is an SSAC document and not an IAB document, 
which I think is part of the point you may be making).

It's not 20 pieces of silver at stake here is a quarter million bucks or more a 
pop.

FWIW, I think for most larger companies with multi-billion dollar revenues 
streams it is less about the up-front fees to apply & operationalize a gTLD 
than the long term business potential.

Jason


Re: IAB Statement on Dotless Domains

2013-07-13 Thread Noel Chiappa
 From: Livingood, Jason jason_living...@cable.comcast.com

 FWIW, I think for most larger companies with multi-billion dollar
 revenues streams it is less about the up-front fees to apply &
 operationalize a gTLD than the long term business potential.

I guess I'm missing something. How exactly is having a gTLD going to bring in
the Big Bucks? Do people actually type addresses into the address bars on
their browsers any more, or do they just type what they're looking for into
the search bar?

Noel


Re: IAB Statement on Dotless Domains

2013-07-13 Thread Arturo Servin

On 7/13/13 12:27 PM, Noel Chiappa wrote:
  From: Livingood, Jason jason_living...@cable.comcast.com

  FWIW, I think for most larger companies with multi-billion dollar
  revenues streams it is less about the up-front fees to apply &
  operationalize a gTLD than the long term business potential.

 I guess I'm missing something. How exactly is having a gTLD going to bring in
 the Big Bucks? Do people actually type addresses into the address bars on
 their browsers any more, or do they just type what they're looking for into
 the search bar?

   Noel
Not even using a search bar anymore. Some browsers do a search
whilst you are writing the hostname that you want to access. So for
facebook I just normally type fac, twitter twi and it autocompletes.
For Google and wikipedia I do not even try to go to their web page. For
a search (google) I just type what I am looking for and that is all, for
wikipedia I do the same and 95% of the times the first search result is
the link to them.

Regards,
as


Re: IAB Statement on Dotless Domains

2013-07-13 Thread Hector Santos
All the discussion details are overwhelming  but I do seem to feel there 
is a marketing and branding problem especially when it comes to 
searching a domain at the USER DATA ENTRY LEVEL, i.e. slow keyboard input.


For example, I own WINSERVER.COM.  Try typing WINSERVER in google (for 
the first time, clear cache is necessary) and see how the 
auto-suggestion goes as you type and searching for it yield not 
WINSERVER.COM first, but places related to WINdows SERVERS like 
microsoft first.  The last time I tried it on a friend's PC to prove the 
point, it was the 3rd hit after two Microsoft links were shown.


I think it is unfair and  if I was really worry about it is possible 
subject to some long time usage trade marking infringement claim.  Why 
is GOOGLE not, from a technical standpoint, yielding the DNS answer 
first, with the WINSERVER.COM site first?


Of course, I understand the money, profit, business side of it, and also 
a technical side with the Google's smart BI algorithms used. But most 
people who would be searching for WINSERVER, they are not really 
interested in WINDOWS SERVERS first.


I don't think it's a winning battle, but there are some ethical issues 
that could be addressed as a global common.  Perhaps an I-D can be 
written to SUGGEST that Searching Techniques SHOULD check the DNS 
solution first.  That may include the dotless answer I suppose as well.


--
HLS

On 7/12/2013 12:41 PM, Phillip Hallam-Baker wrote:

On Fri, Jul 12, 2013 at 12:23 PM, John Levine jo...@taugh.com wrote:


domains are going to be dotless and three of the biggest dotless

domains

are going to be called .apple and .microsoft and .google and they are

going

I've read the applications for .apple, .microsoft, and .google.  None
of them propose to use dotless names, only the usual 2LDs.  At this
point there is just one application that proposes a dotless name,
Google's .search, and it's far from clear what will happen to that, or
even if that application would beat out the competing ones from
Amazon, Donuts and dot Now, none of which are dotless.

Do you think they are lying when they say they won't be dotless?

R's,
John

PS: The applications are all linked here.  The financial info is
redacted, but the technical stuff is all present.

https://gtldresult.icann.org/



I think the people who wrote those applications on behalf of their
employers are likely to find that other parts of their organization have a
different view after the results are awarded.

There are two parts to the DNS business don't forget. Is Andrew really sure
that if dns.com decides to help users out by returning the A record for
www.microsoft in response to a request for microsoft. and this turns out to
have commercial value that his employer is not going to do the exact same
thing even over his objections? Do you think that DNS.com is going to lose
business to a competitor?

[dns.com is owned by my employer and we also provide recursive DNS services]


I remember all the squeaking and outrage about sitefinder back in the day.
That wasn't my idea but I went along with it as a way to give ICANN a kick
up the rear and stop blocking all progress out of fear of lawsuits. How
many of the people who complained then now work for companies that deploy
the same type of system with the same technical impact? I think you will
find that it is actually quite a large number.


Only five years ago the US banks managed to create a trillion dollar
meltdown because they didn't understand that the perverse market dynamics
they had created would force many of their companies into bankruptcy. And
if the banks had come to that realization and explained the situation to
the Treasury or the Fed they would have had no difficulty getting a
regulatory regime established that would have protected their businesses.

That didn't happen.


Don't expect me to take a stand on your principles. And certainly don't
expect me to endorse a statement of principles if I didn't even have the
opportunity to discuss it before issue.

Most people are averse to chaos. Don't bet your businesses that others are
going to be averse to it.






Re: IAB Statement on Dotless Domains

2013-07-13 Thread John Levine
I guess I'm missing something. How exactly is having a gTLD going to bring in
the Big Bucks? Do people actually type addresses into the address bars on
their browsers any more, or do they just type what they're looking for into
the search bar?

Let's just say you're not allowed to ask that question, any more than
you can ask a fundamentalist Christian how he knows he's going to
heaven.

You are definitely not allowed to look at the history of .AERO,
.TRAVEL, .JOBS, .ASIA, .MUSEUM, .COOP, .MOBI, .TEL or .PRO.





Re: IAB Statement on Dotless Domains

2013-07-13 Thread John C Klensin


--On Saturday, July 13, 2013 16:28 + John Levine
jo...@taugh.com wrote:

 I guess I'm missing something. How exactly is having a gTLD
 going to bring in the Big Bucks? Do people actually type
 addresses into the address bars on their browsers any more,
 or do they just type what they're looking for into the search
 bar?
 
 Let's just say you're not allowed to ask that question, any
 more than you can ask a fundamentalist Christian how he knows
 he's going to heaven.

Noel asked at least two different questions.  One is not
supposed to ask either of them, whether your analogy is
appropriate or not.  (And see my note from yesterday.)
 
 You are definitely not allowed to look at the history of .AERO,
 .TRAVEL, .JOBS, .ASIA, .MUSEUM, .COOP, .MOBI, .TEL or .PRO.

One could quibble about that list -- I'd think about deleting
one or two that actually met the rather narrow expectations for
them and maybe add a few others that didn't.  But, yes, the
track record of big profits from selling names out of new gTLDs,
especially if defensive registrations are excluded, has been
abysmal.

As far as I know, the only completely successful business model
for post-2001 new gTLDs that were not intended as a service for
a restricted community has involved an extreme form of the
encourage defensive registrations model, so extreme that
others have described it as extortion.

   john



Re: IAB Statement on Dotless Domains

2013-07-13 Thread Hector Santos



On 7/13/2013 11:27 AM, Noel Chiappa wrote:

  From: Livingood, Jason jason_living...@cable.comcast.com

  FWIW, I think for most larger companies with multi-billion dollar
  revenues streams it is less about the up-front fees to apply &
  operationalize a gTLD than the long term business potential.

I guess I'm missing something. How exactly is having a gTLD going to bring in
the Big Bucks? Do people actually type addresses into the address bars on
their browsers any more, or do they just type what they're looking for into
the search bar?

Noel


Define people.  The layman will not type the protocol (http://),  and 
the auto-suggestion technology is so advanced, you will get multiple 
different sets of results that may or may not include the DNS solution 
as the first part of the result.


Try typing out my domain, winserver.com. First timers will not get the 
WINSERVER.COM web site, but Microsoft's WIN SERVER 201x and/or WINDOWS 
SERVER web sites first.


Overall, while I believe winserver and winserver.com are technically 
different as with winserver.net, winserver.org, etc, I think it would be 
unfair if a dotless WINSERVER dns entry was prevailing over my 
winserver.com domain.   Perhaps an I-D describing a BCP for searching 
orders will help, if not already, available.  If Dotless domains are to 
be inter-networking ready as it already in used for intra-networking 
operations, then perhaps it should be a FALLBACK answer to the .com, 
.net, org lookup.


--
HLS



Re: IAB Statement on Dotless Domains

2013-07-13 Thread Yoav Nir

On Jul 13, 2013, at 7:58 PM, Hector Santos hsan...@isdg.net wrote:
 
 Try typing out my domain, winserver.com. First timers will not get the 
 WINSERVER.COM web site, but Microsoft's WIN SERVER 201x and/or WINDOWS SERVER 
 web sites first.

I did as you suggested earlier, and typed winserver, but not into Google's 
search bar. I typed it into the address bar of Safari. Like Chrome, the address 
bar and search bar are the same. I got these suggestions, sorted by category:

  Google Search
    winserver
    win server 2012
    win server 2008
    win server 2003
    win server 2013
  Search Suggestions
    Santronic's Wildcat! Interactive Net Server (WINSE...  winserver.com
    WinServer - Home  winserver.codeplex.com
    Wildcat! Open Site  opensite.winserver.com

So finding your site is not that difficult for first-timers. But regardless, 
the people who type in addresses or DNS names in full are rare and far between.

Re: IAB Statement on Dotless Domains

2013-07-13 Thread Ofer Inbar
Reading some of this discussion leaves me puzzled because I can't tell
which things that some people are saying are intended to be about
dotless use of domains, or are intended to be about the expansion of
top level domains in general.

The IAB's statement does not seem to be about whether or not new TLDs
should be issued, or what good or bad effects that will have; the IAB
statement rather seems to assume as a given that new TLDs will come.
Yet a significant portion of the debate on this thread seems to be
about that.

In theory, any of the classic TLDs could've been used in a dotless
fashion, but they haven't been.  What the IAB statement is about is to
urge that none of the new TLDs be used dotlessly either.  That's a
separate matter from whether they should come into being in the first place.

What this brings to mind is that we used to have implicit DNS domain
search in the early days of DNS.  When edu.com accidentally hijacked
a huge chunk of the Internet, most of the net very quickly got rid of
implicit search, and we got the explicit DNS search feature that many
people are discussing now.

If some new TLD gets used in a dotless fashion in a way that truly
does cause major trouble, I expect we'll see sites all over the net
quickly deploying DNS resolvers that discard A, , or MX records
at the top level, to protect their users.
  -- Cos
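
An added example, not part of any poster's message: a small model of the two mechanisms discussed in this thread, namely how a stub resolver with a search list orders its lookups for a dotless name, and a resolver-side policy that discards address and mail records owned by a single-label name. The search list, zone contents and addresses are constructed sample data, the ordering follows the common resolv.conf `search`/`ndots` convention, and the blocked type set (A, AAAA, MX) is an assumption of the example.

```python
from dataclasses import dataclass

# Constructed sample data: an office host with a search list, and the names
# that exist from its point of view (an internal host and a dotless TLD).
SEARCH_LIST = ["corp.example.com", "example.com"]
OFFICE_NAMES = {"search.corp.example.com.", "search."}
HOME_NAMES = {"search."}

# Record types the filter refuses at a single-label owner (assumed set).
BLOCKED_AT_TLD = {"A", "AAAA", "MX"}


@dataclass(frozen=True)
class Answer:
    owner: str   # owner name of the record, fully qualified
    rtype: str   # record type, e.g. "A"
    rdata: str   # presentation-format data


def labels(name):
    """Split a name into labels, ignoring the trailing root dot."""
    return [part for part in name.rstrip(".").split(".") if part]


def is_dotless(name):
    """True for a single-label name such as 'search' or 'search.'."""
    return len(labels(name)) == 1


def candidates(name, search_list, ndots=1):
    """Names a stub resolver tries, in order, for what the user typed.

    A trailing dot means "absolute, do not search". Otherwise a name with
    fewer than `ndots` dots is tried against the search list first and as
    an absolute name last, so a dotless TLD loses to any local match.
    """
    name = name.lower()
    if name.endswith("."):
        return [name]
    absolute = name + "."
    searched = [f"{name}.{suffix.rstrip('.').lower()}." for suffix in search_list]
    if name.count(".") >= ndots:
        return [absolute] + searched
    return searched + [absolute]


def first_hit(name, search_list, existing, ndots=1):
    """Return the first candidate that exists, or None if none does."""
    for candidate in candidates(name, search_list, ndots):
        if candidate in existing:
            return candidate
    return None


def filter_tld_apex(answers):
    """Split answers into (kept, dropped) under the protective policy.

    Address and mail records owned by a single-label name are dropped.
    NS, DS, SOA and similar records are kept, since delegation needs them.
    """
    kept, dropped = [], []
    for answer in answers:
        if is_dotless(answer.owner) and answer.rtype.upper() in BLOCKED_AT_TLD:
            dropped.append(answer)
        else:
            kept.append(answer)
    return kept, dropped


if __name__ == "__main__":
    # Same typed name, two networks, two different destinations.
    print("office:", first_hit("search", SEARCH_LIST, OFFICE_NAMES))
    print("home:  ", first_hit("search", [], HOME_NAMES))

    sample = [  # constructed answers using documentation addresses
        Answer("search.", "A", "192.0.2.10"),
        Answer("search.", "MX", "10 mail.search."),
        Answer("search.", "NS", "ns1.nic.search."),
        Answer("www.search.", "A", "192.0.2.11"),
    ]
    kept, dropped = filter_tld_apex(sample)
    print("kept:   ", [(a.owner, a.rtype) for a in kept])
    print("dropped:", [(a.owner, a.rtype) for a in dropped])
```
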


Re: IAB Statement on Dotless Domains

2013-07-13 Thread Tom McLoughlin

It could just be me but something about http://example doesn't feel
right, I'd rather have http://example.com over http://example

Regards,
Tom McLoughlin

On 13/07/2013 21:11, Ofer Inbar wrote:
 Reading some of this discussion leaves me puzzled because I can't tell
 which things that some people are saying are intended to be about
 dotless use of domains, or are intended to be about the expansion of
 top level domains in general.

 The IAB's statement does not seem to be about whether or not new TLDs
 should be issued, or what good or bad effects that will have; the IAB
 statement rather seems to assume as a given that new TLDs will come.
 Yet a significant portion of the debate on this thread seems to be
 about that.

 In theory, any of the classic TLDs could've been used in a dotless
 fashion, but they haven't been.  What the IAB statement is about is to
 urge that none of the new TLDs be used dotlessly either.  That's a
 separate matter from whether they should come into being in the first
place.

 What this brings to mind is that we used to have implicit DNS domain
 search in the early days of DNS.  When edu.com accidentally hijacked
 a huge chunk of the Internet, most of the net very quickly got rid of
 implicit search, and we got the explicit DNS search feature that many
 people are discussing now.

 If some new TLD gets used in a dotless fashion in a way that truly
 does cause major trouble, I expect we'll see sites all over the net
 quickly deploying DNS resolvers that discard A, , or MX records
 at the top level, to protect their users.
   -- Cos




Re: IAB Statement on Dotless Domains

2013-07-12 Thread Phillip Hallam-Baker
On Wed, Jul 10, 2013 at 5:39 PM, Dave Crocker d...@dcrocker.net wrote:

 On 7/10/2013 11:59 AM, Russ Housley wrote:

 The IAB has made a statement on dotless domains.  You can find this
 statement here:
 http://www.iab.org/documents/correspondence-reports-documents/2013-2/iab-statement-dotless-domains-considered-harmful/



 It's unfortunate that the IAB did not choose to circulate a draft before
 releasing the Statement.  The Statement could have been made a bit stronger
 in the concern it expresses.


Or it may have ended up more balanced or it might have more weight.

The IAB is selected by a process that ensures it is accountable for no one.
Therefore it speaks for no one. If the IAB wants to claim the authority of
speaking for the IETF in any matter it needs to circulate drafts and ensure
that it reflects IETF opinion before claiming to have reached a conclusion.



The DNS is going to go dotless. That is inevitable when people are paying a
quarter million dollars to get a dotless domain from ICANN. Trying to
control the situation with contractual language assumes that ICANN is going
to forgo large amounts of revenue over a technical concern.

Any issues that are created by dotless domains are going to be small
potatoes compared to the horror show resulting from the assignment of
.corp. And no, the problem with .corp is not the fact that there are a few
thousand certificates issued, it is the fact that there is a vast amount of
enterprise infrastructure predicated on the belief that .corp is a reserved
toplevel domain in the same way that 10.x.x.x is a reserved IP zone.

ICANN shows no sign of forgoing the registration fees for .corp which is
only one domain so why are they going to forgo the registration fees for
.microsoft .bankamerica and the other 10,000 companies that would pay that
type of money to protect their brand?

This is big money for the ICANN staff. Beckstrom was paid close to $1
million if you add in all the bonuses. And the bonuses are profit related.
So pretending that ICANN is going to hold off on the commercial
opportunities because of its tax status as a non-profit is to have a
criminally naive view of human nature.

And it is not just ICANN that has a commercial interest here. The proper
use of dotless domains ultimately threatens the commercial interests of the
TLD operators. Some of which are represented on the IAB. And sorry, if I
don't elect people then they don't represent me and if they don't represent
me and my interests I will conclude they represent their employers.


People are going to get used to typing in web.bankamerica or the like
because businesses are going to have a big incentive to drive users to the
dotless domains they control rather than continue to be held hostage by
every rent seeker with a new TLD - of which there will be several thousand
new ones every year under the TLD scheme.

Dotless domains are an inevitable consequence of the expansion of the TLD.
The job of the IAB should be to deal with the inevitable not perform
impressions of King Cnute.


And before people start bringing up all the reasons I am wrong here, first
consider the fact that for many years it was IETF ideology that NATs were a
terrible thing that had to be killed. A position I suspect was largely
driven by some aggressive lobbying by rent-seeking ISPs looking to collect
fees on a per device basis rather than per connection. If you look back in
the archives of the IETF list you will see that my position of NAT, that it
is an essential transitional technology for IPv6 was attacked by many
people sitting on the IAB for many years.

Today most people have come to accept my position on NAT, in fact it has
become the mainstream position. But none of the people who spent time
trying to slap me down or get me to stop expressing a heretical view have
ever said 'hey Phill you were right all along'. And I don't expect things
to be different this time round. But in ten years time it will be obvious
that domains are going to be dotless and three of the biggest dotless
domains are going to be called .apple and .microsoft and .google and they
are going to be the companies writing much of the software used to connect
to the Internet and their commercial interests are not exactly best served
by supporting clapped out thirty year old software programs.


Dotted domains were a bad idea in DNS to start with and giving a
perpetually renewing contract to Network Solutions to operate the best one
was sillier. We should embrace the opportunity to throw a bad engineering
decision into the dustbin of history not try to take the side of the TLD
operators whose rent seeking opportunities are threatened by the inevitable
transition to a dotless scheme.




-- 
Website: http://hallambaker.com/


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Keith Moore

On 07/12/2013 08:16 AM, Phillip Hallam-Baker wrote:


And before people start bringing up all the reasons I am wrong here, 
first consider the fact that for many years it was IETF ideology that 
NATs were a terrible thing that had to be killed. A position I suspect 
was largely driven by some aggressive lobbying by rent-seeking ISPs 
looking to collect fees on a per device basis rather than per connection.


You are weakening your argument.   NATs still are a terrible thing that 
need to be killed.   They break applications and prevent many useful 
applications from being used on the Internet. That much is more 
widely understood now than it was 10-15 years ago.


Keith



Re: IAB Statement on Dotless Domains

2013-07-12 Thread Phillip Hallam-Baker
On Fri, Jul 12, 2013 at 8:58 AM, Keith Moore mo...@network-heretics.com wrote:

 On 07/12/2013 08:16 AM, Phillip Hallam-Baker wrote:


 And before people start bringing up all the reasons I am wrong here,
 first consider the fact that for many years it was IETF ideology that NATs
 were a terrible thing that had to be killed. A position I suspect was
 largely driven by some aggressive lobbying by rent-seeking ISPs looking to
 collect fees on a per device basis rather than per connection.


 You are weakening your argument.   NATs still are a terrible thing that
 need to be killed.   They break applications and prevent many useful
 applications from being used on the Internet. That much is more widely
 understood now than it was 10-15 years ago.


The Internet has less than 4 billion addresses for well over six billion
devices.

I think that at this point you are the only person still making the
argument that the world should reject the easy fix for IPv4 address
exhaustion that solves their problems at negligible cost to them for the
sake of forcing them to make a transition that would be very difficult,
expensive and impact every part of the infrastructure.

But it would be nice if at least one of those people who argued against me
when I was making the case for NAT that has now become the accepted
approach would say 'hey Phill you were right there, I am sorry for implying
that you were an evil heretical loon for suggesting it'. Not that I am
holding my breath waiting.

Most folk here value consensus. I do not value consensus when it is wrong.


-- 
Website: http://hallambaker.com/


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Keith Moore

On 07/12/2013 09:28 AM, Phillip Hallam-Baker wrote:
On Fri, Jul 12, 2013 at 8:58 AM, Keith Moore 
mo...@network-heretics.com wrote:


On 07/12/2013 08:16 AM, Phillip Hallam-Baker wrote:


And before people start bringing up all the reasons I am wrong
here, first consider the fact that for many years it was IETF
ideology that NATs were a terrible thing that had to be
killed. A position I suspect was largely driven by some
aggressive lobbying by rent-seeking ISPs looking to collect
fees on a per device basis rather than per connection.


You are weakening your argument.   NATs still are a terrible thing
that need to be killed.   They break applications and prevent many
useful applications from being used on the Internet. That much
is more widely understood now than it was 10-15 years ago.


The Internet has less than 4 billion addresses for well over six 
billion devices.


No, the Internet has approximately 2**128 addresses.   NATs are a large 
part of the reason that IPv6 adoption has been delayed.


I think that at this point you are the only person still making the 
argument that the world should reject the easy fix for IPv4 address 
exhaustion that solves their problems at negligible cost to them for 
the sake of forcing them to make a transition that would be very 
difficult, expensive and impact every part of the infrastructure.


You are wrong both about solving the problems and negligible cost. (And 
the real issue isn't so much the cost, but who pays.)


But it would be nice if at least one of those people who argued 
against me when I was making the case for NAT that has now become the 
accepted approach would say 'hey Phill you were right there, I am 
sorry for implying that you were an evil heretical loon for suggesting 
it'. Not that I am holding my breath waiting.


If you were right, someone might say that.


Most folk here value consensus. I do not value consensus when it is wrong.


Nor do I.

Keith



Re: IAB Statement on Dotless Domains

2013-07-12 Thread Noel Chiappa
 From: Phillip Hallam-Baker hal...@gmail.com

 for many years it was IETF ideology that NATs were a terrible thing
 that had to be killed. A position I suspect was largely driven by some
 aggressive lobbying by rent-seeking ISPs looking to collect fees on a
 per device basis rather than per connection.

That is so confused.

First, many (the majority?) of people in the IETF who didn't like NATs had
sound technical reasons for so doing (it breaks end-end, makes third party
referrals in peer-peer applications harder, etc). Those of us who disagree
with them don't (in general) disagree about those costs, just think the
benefits of NAT outweigh them. (See below.)

Second, while the ability to have a per-device fee might have seemed like a
nice fantasy to some ISPs, the reality is that their costs are driven by i)
the total amount of bandwidth used at the site, and ii) the costs of
providing the connection (hardware, configuration, etc). Anyone who tried to
monetize per-device would have had competition from people who only charged
based on their actual costs. And given that NATs are so easy for consumers to
set up, I think most ISPs realize they save them a bundle in customer support
costs (given that each customer call costs them some amazing amount of
money); the inevitable support costs from per-device would diminish the
amount of money allegedly to be made.

 From: Keith Moore mo...@network-heretics.com

 NATs still are a terrible thing that need to be killed. They break
 applications and prevent many useful applications from being used on
 the Internet. That much is more widely understood now than it was 10-15
 years ago.

You're still ignoring what _empirical evidence_ has shown to be true: yes,
there are costs to NAT, but it also has benefits, in that it attacks some of
the fundamental flaws in the IPvN architectures in general (lack of local
allocation of identifiers, ability to relocate [aka renumber] without local
reconfiguration, etc) and in IPv4 in particular (not enough address bits),
and when people look at the overall cost/benefit ratio, they prefer it to the
alternatives.

Noel


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Phillip Hallam-Baker
Keith, read my words, I choose them more carefully than you imagine.

solves their problems at negligible cost TO THEM

What part of that do you disagree with? I don't dispute the fact that NAT
is a suboptimal solution if we look at the system as a whole. But the
reason I deployed NAT in my house was that Roadrunner wanted $10 extra per
month for every device I connected to a maximum of 4. I have over 200 IP
enabled devices in my house.



On Fri, Jul 12, 2013 at 9:38 AM, Keith Moore mo...@network-heretics.com wrote:

  On 07/12/2013 09:28 AM, Phillip Hallam-Baker wrote:

 On Fri, Jul 12, 2013 at 8:58 AM, Keith Moore 
 mo...@network-heretics.com wrote:

 On 07/12/2013 08:16 AM, Phillip Hallam-Baker wrote:


 And before people start bringing up all the reasons I am wrong here,
 first consider the fact that for many years it was IETF ideology that NATs
 were a terrible thing that had to be killed. A position I suspect was
 largely driven by some aggressive lobbying by rent-seeking ISPs looking to
 collect fees on a per device basis rather than per connection.


  You are weakening your argument.   NATs still are a terrible thing that
 need to be killed.   They break applications and prevent many useful
 applications from being used on the Internet. That much is more widely
 understood now than it was 10-15 years ago.


  The Internet has less than 4 billion addresses for well over six billion
 devices.


 No, the Internet has approximately 2**128 addresses.   NATs are a large
 part of the reason that IPv6 adoption has been delayed.


   I think that at this point you are the only person still making the
 argument that the world should reject the easy fix for IPv4 address
 exhaustion that solves their problems at negligible cost to them for the
 sake of forcing them to make a transition that would be very difficult,
 expensive and impact every part of the infrastructure.


 You are wrong both about solving the problems and negligible cost.   (And
 the real issue isn't so much the cost, but who pays.)


   But it would be nice if at least one of those people who argued against
 me when I was making the case for NAT that has now become the accepted
 approach would say 'hey Phill you were right there, I am sorry for implying
 that you were an evil heretical loon for suggesting it'. Not that I am
 holding my breath waiting.


 If you were right, someone might say that.


   Most folk here value consensus. I do not value consensus when it is
 wrong.


 Nor do I.

 Keith




-- 
Website: http://hallambaker.com/


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Phillip Hallam-Baker
On Fri, Jul 12, 2013 at 10:10 AM, Noel Chiappa j...@mercury.lcs.mit.edu wrote:





Anyone who tried to
 monetize per-device would have had competition from people who only charged
 based on their actual costs.


So not deploying NAT would somehow magically cause a second broadband
provider to unroll a fiber optic cable to my house?

There was no competition in broadband in my city until Verizon unrolled
FiOS just over a year ago and so your economic theory fails completely as
far as I am concerned. For competition to change behavior there has to be
an open market and the US Internet market has very little of that.


-- 
Website: http://hallambaker.com/


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Phillip Hallam-Baker
On Fri, Jul 12, 2013 at 10:22 AM, Paul Wouters p...@nohats.ca wrote:

 On Fri, 12 Jul 2013, Phillip Hallam-Baker wrote:

 And I don't expect things to be different this time round. But in ten
 years time it will be obvious that
 domains are going to be dotless and three of the biggest dotless domains
 are going to be called .apple and .microsoft and .google and they are going
 to be the companies writing much of
 the software used to connect to the Internet and their commercial
 interests are not exactly best served by supporting clapped out thirty year
 old software programs.


 I notice you are missing .oracle and .exchange and .mail. Is that
 because you can't take any more slaps on the back or because you know
 too many companies that have servers in their domain that would get
 bypassed by your awesome magic three software vendors listed above?


No, I limited it to them only because those three companies can flood the
market with software that makes the decision by force majeure. I don't think
the domains you list have the market power on the desktop to be a
sufficient quorum.




  Dotted domains were a bad idea in DNS to start with and giving a
 perpetually renewing contract to Network Solutions to operate the best one
 was sillier. We should embrace the opportunity
 to throw a bad engineering decision into the dustbin of history not try
 to take the side of the TLD operators whose rent seeking opportunities are
 threatened by the inevitable transition
 to a dotless scheme.


 I can't wait for your draft suggesting a fix based on a DNS zone that
 whitelists/blacklists those words that can be used dotless without harm,
 after using /etc/hosts through ansible fails to scale.


The community has only two choices that make sense, either embrace dotless
domains or deploy DNS rules that simply block all the new ICANN TLDs as
unnecessary rent seeking noise. I would actually prefer the second but I
don't think a 'just say no to new TLDs' is a viable proposition.


The proportion of the Internet user community that is aware of default
domain suffixes at all is very unlikely to be as much as 1%. So if we are
going to make a proper argument on the grounds of avoiding user confusion
we should probably be telling software providers to stop supporting the
local domain prefixes in platforms as a security risk. The default path on
this machine is probably verizon.net. I find the default domain suffix to
be sufficiently useless that I never bother to set it.


-- 
Website: http://hallambaker.com/


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Paul Wouters

On Fri, 12 Jul 2013, Keith Moore wrote:


On 07/12/2013 09:28 AM, Phillip Hallam-Baker wrote:
  On Fri, Jul 12, 2013 at 8:58 AM, Keith Moore mo...@network-heretics.com 
wrote:
On 07/12/2013 08:16 AM, Phillip Hallam-Baker wrote:

  And before people start bringing up all the reasons I am 
wrong here, first consider the fact that for many years it was IETF ideology 
that NATs were a
  terrible thing that had to be killed. A position I suspect 
was largely driven by some aggressive lobbying by rent-seeking ISPs looking to 
collect fees
  on a per device basis rather than per connection.


You are weakening your argument.   NATs still are a terrible thing that need to 
be killed.


There is an argument in the above? I read just a misguided opinion with
no facts.


They break applications and prevent many useful applications from being used on
the Internet.    That much is more widely understood now than it was 10-15 
years ago.


It was always understood by the engineers. It's the money making machine
that did not care.


  I think that at this point you are the only person still making the 
argument that the world should reject the easy fix for IPv4 address exhaustion 
that solves their problems
  at negligible cost to them for the sake of forcing them to make a 
transition that would be very difficult, expensive and impact every part of the 
infrastructure.


I suggest Phillip is rewarded with a statically configured 192.168.1.1
address for life on _all_ of his devices.


  Most folk here value consensus. I do not value consensus when it is wrong.

Nor do I.


Indeed.

When you're NAT on the net, you're NOT on the net

-- Hugh Daniel

Paul


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Paul Wouters

On Fri, 12 Jul 2013, Paul Wouters wrote:

I clearly meant 192.168.1.1 to go to Keith Moore, but the terrible gmail
quoting method confused me in who said what :P

Paul


Date: Fri, 12 Jul 2013 10:12:24
From: Paul Wouters p...@nohats.ca
Cc: Phillip Hallam-Baker hal...@gmail.com,
IETF Discussion Mailing List ietf@ietf.org
To: Keith Moore mo...@network-heretics.com
Subject: Re: IAB Statement on Dotless Domains

On Fri, 12 Jul 2013, Keith Moore wrote:


On 07/12/2013 09:28 AM, Phillip Hallam-Baker wrote:
  On Fri, Jul 12, 2013 at 8:58 AM, Keith Moore 
mo...@network-heretics.com wrote:

On 07/12/2013 08:16 AM, Phillip Hallam-Baker wrote:

  And before people start bringing up all the reasons I am 
wrong here, first consider the fact that for many years it was IETF 
ideology that NATs were a
  terrible thing that had to be killed. A position I 
suspect was largely driven by some aggressive lobbying by rent-seeking ISPs 
looking to collect fees

  on a per device basis rather than per connection.


You are weakening your argument.   NATs still are a terrible thing that 
need to be killed.


There is an argument in the above? I read just a misguided opinion with
no facts.

They break applications and prevent many useful applications from being 
used on
the Internet.    That much is more widely understood now than it was 10-15 
years ago.


It was always understood by the engineers. It's the money making machine
that did not care.

  I think that at this point you are the only person still making the 
argument that the world should reject the easy fix for IPv4 address 
exhaustion that solves their problems
  at negligible cost to them for the sake of forcing them to make a 
transition that would be very difficult, expensive and impact every part of 
the infrastructure.


I suggest Phillip is rewarded with a statically configured 192.168.1.1
address for life on _all_ of his devices.

  Most folk here value consensus. I do not value consensus when it is 
wrong.


Nor do I.


Indeed.

When you're NAT on the net, you're NOT on the net

-- Hugh Daniel

Paul



Re: IAB Statement on Dotless Domains

2013-07-12 Thread Paul Wouters

On Fri, 12 Jul 2013, Phillip Hallam-Baker wrote:


Today most people have come to accept my position on NAT, in fact it has become 
the mainstream position.


Or perhaps I was not. But I guess it's software written by those three
companies listed below that's soo good that makes quoting clear :P


But none of the people who spent time trying to slap me down or get me to stop
expressing a heretical view have ever said 'hey Phill you were right all along'.


Because you're not? (If the quoting worked this time and you really said
NAT's have a value other than being a cheap band-aid for those with lots
of money)


And I don't expect things to be different this time round. But in ten years 
time it will be obvious that
domains are going to be dotless and three of the biggest dotless domains are 
going to be called .apple and .microsoft and .google and they are going to be 
the companies writing much of
the software used to connect to the Internet and their commercial interests are 
not exactly best served by supporting clapped out thirty year old software 
programs.


I notice you are missing .oracle and .exchange and .mail. Is that
because you can't take any more slaps on the back or because you know
too many companies that have servers in their domain that would get
bypassed by your awesome magic three software vendors listed above?


Dotted domains were a bad idea in DNS to start with and giving a perpetually 
renewing contract to Network Solutions to operate the best one was sillier. We 
should embrace the opportunity
to throw a bad engineering decision into the dustbin of history not try to take 
the side of the TLD operators whose rent seeking opportunities are threatened 
by the inevitable transition
to a dotless scheme.


I can't wait for your draft suggesting a fix based on a DNS zone that
whitelists/blacklists those words that can be used dotless without harm,
after using /etc/hosts through ansible fails to scale.

Paul


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Paul Wouters

On Fri, 12 Jul 2013, Phillip Hallam-Baker wrote:


I notice you are missing .oracle and .exchange and .mail. Is that
because you can't take any more slaps on the back or because you know
too many companies that have servers in their domain that would get
bypassed by your awesome magic three software vendors listed above?

No, I limited it to them only because those three companies can flood the 
market with software that makes the decision by force majeure. I don't think the 
domains you list have the market
power on the desktop to be a sufficient quorum.


avoiding answering the implicit question about huge collateral damage
when exchange.company.TLD and oracle.company.TLD start resolving to
company external IPs. Even if just _one_ airline company would
fall into this trap, it would be millions of dollars of damage alone.
Paid for by vanity domains that make turning clearly visible domain names
into a confusion about what's a single word and what's a domain name.


The community has only two choices that make sense, either embrace dotless 
domains or deploy DNS rules that simply block all the new ICANN TLDs as 
unnecessary rent seeking noise.


We disagree on the first, and the second one is as relevant as
whether I should add sugar to my morning coffee or not.


The proportion of the Internet user community that is aware of default domain 
suffixes at all is very unlikely to be as much as 1%. So if we are going to make 
a proper argument on the
grounds of avoiding user confusion we should probably be telling software 
providers to stop supporting the local domain prefixes in platforms as a 
security risk. The default path on this
machine is probably verizon.net. I find the default domain suffix to be 
sufficiently useless that I never bother to set it.


You think that users know and/or can set a default domain suffix?
That programmers twenty years ago knew and/or understood what that even meant 
(or you think no one runs 20 year old software?)
That everyone knows about suffix manipulation through their DHCP connections?
And VPN connections?

Apart from that, were you a proponent of the file extension and mime
type wars too? Because as soon as one company takes something like
.profitable as dotless, someone else will claim profitable:// and
all the browsers will just be giant pools of local policy causing
utter confusion and at best will yield a totally unpredictable
user experience for dotless domains. Don't expect a pat on the
shoulder from me in twenty years.

Paul


Re: IAB Statement on Dotless Domains

2013-07-12 Thread John Levine
 domains are going to be dotless and three of the biggest dotless domains
 are going to be called .apple and .microsoft and .google and they are going

I've read the applications for .apple, .microsoft, and .google.  None
of them propose to use dotless names, only the usual 2LDs.  At this
point there is just one application that proposes a dotless name,
Google's .search, and it's far from clear what will happen to that, or
even if that application would beat out the competing ones from
Amazon, Donuts and dot Now, none of which are dotless.

Do you think they are lying when they say they won't be dotless?

R's,
John

PS: The applications are all linked here.  The financial info is
redacted, but the technical stuff is all present.

https://gtldresult.icann.org/


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Phillip Hallam-Baker
On Fri, Jul 12, 2013 at 11:02 AM, Paul Wouters p...@nohats.ca wrote:

 On Fri, 12 Jul 2013, Phillip Hallam-Baker wrote:

  I notice you are missing .oracle and .exchange and .mail. Is that
 because you can't take any more slaps on the back or because you know
 too many companies that have servers in their domain that would get
 bypassed by your awesome magic three software vendors listed above?

 No, I limited it to them only because those three companies can flood the
 market with software that makes the decision by force majeure. I don't think
 the domains you list have the market
 power on the desktop to be a sufficient quorum.


 avoiding answering the implicit question about huge collateral damage
 when exchange.company.TLD and oracle.company.TLD start resolving to
 company external IPs. Even if just _one_ airline company would
 fall into this trap, it would be millions of dollars of damage alone.
 Paid for by vanity domains that make turning clearly visible domain names
 into a confusion about what's a single word and what's a domain name.


Which in my view is an excellent argument for the IAB to issue an advisory
warning that such domains are a terrible idea and that ICANN should not
issue such domains under any circumstance.

Unfortunately the IAB is not going to give that advice. They seem to have
passed on advising ICANN not to issue .corp which is going to be a total
security meltdown. It's not 20 pieces of silver at stake here, it is a quarter
million bucks or more a pop.


I think that there is actually very good reason to believe that the two
domains you cite will not be a problem as Microsoft and Oracle both have
very competent and aggressive legal departments and can be expected to rip
ICANN apart legally limb from limb were they to be silly enough to issue
them to any one else in flagrant violation of their longstanding trademarks.

But there are hundreds of other TLDs that are going to be causing a huge
amount of damage and these are not going to be understood at first.



 You think that users know and/or can set a default domain suffix?
 That programmers twenty years ago knew and/or understood what that even
 meant (or you think no one runs 20 year old software?)
 That everyone knows about suffix manipulation through their DHCP
 connections?
 And VPN connections?


That is my point precisely. I think the domain search lists should be
eliminated completely in the platform code because they are a little used
feature with significant and non obvious security implications.



 Apart from that, were you a proponent of the file extension and mime
 type wars too? Because as soon as one company takes something like
 .profitable as dotless, someone else will claim profitable:// and
 all the browsers will just be giant pools of local policy causing
 utter confusion and at best will yield a totally unpredictable
 user experience for dotless domains. Don't expect a pat on the
 shoulder from me in twenty years.


For what it is worth I have always considered using file extensions to
specify the file type to be an unscalable hack. Mime types are a lot
better.

-- 
Website: http://hallambaker.com/


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Phillip Hallam-Baker
On Fri, Jul 12, 2013 at 12:23 PM, John Levine jo...@taugh.com wrote:

  domains are going to be dotless and three of the biggest dotless
 domains
  are going to be called .apple and .microsoft and .google and they are
 going

 I've read the applications for .apple, .microsoft, and .google.  None
 of them propose to use dotless names, only the usual 2LDs.  At this
 point there is just one application that proposes a dotless name,
 Google's .search, and it's far from clear what will happen to that, or
 even if that application would beat out the competing ones from
 Amazon, Donuts and dot Now, none of which are dotless.

 Do you think they are lying when they say they won't be dotless?

 R's,
 John

 PS: The applications are all linked here.  The financial info is
 redacted, but the technical stuff is all present.

 https://gtldresult.icann.org/


I think the people who wrote those applications on behalf of their
employers are likely to find that other parts of their organization have a
different view after the results are awarded.

There are two parts to the DNS business don't forget. Is Andrew really sure
that if dns.com decides to help users out by returning the A record for
www.microsoft in response to a request for microsoft. and this turns out to
have commercial value that his employer is not going to do the exact same
thing even over his objections? Do you think that DNS.com is going to lose
business to a competitor?

[dns.com is owned by my employer and we also provide recursive DNS services]


I remember all the squeaking and outrage about sitefinder back in the day.
That wasn't my idea but I went along with it as a way to give ICANN a kick
up the rear and stop blocking all progress out of fear of lawsuits. How
many of the people who complained then now work for companies that deploy
the same type of system with the same technical impact? I think you will
find that it is actually quite a large number.


Only five years ago the US banks managed to create a trillion dollar
meltdown because they didn't understand that the perverse market dynamics
they had created would force many of their companies into bankruptcy. And
if the banks had come to that realization and explained the situation to
the Treasury or the Fed they would have had no difficulty getting a
regulatory regime established that would have protected their businesses.

That didn't happen.


Don't expect me to take a stand on your principles. And certainly don't
expect me to endorse a statement of principles if I didn't even have the
opportunity to discuss it before issue.

Most people are averse to chaos. Don't bet your businesses that others are
going to be averse to it.


-- 
Website: http://hallambaker.com/


Re: IAB Statement on Dotless Domains

2013-07-12 Thread Brian E Carpenter
 Do you think they are lying when they say they won't be dotless?

Since http://dotless won't work in any host that has a default domain
configured, which as far as I can tell is most hosts on earth, I
don't think they're lying.

It may be stupid and a license to print money, but that's another story.

Brian
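
The search-list behaviour referred to in the message above, and the .corp collision raised earlier in the thread, as an added example that is not part of any message in the thread. It assumes the ndots ordering described in resolv.conf(5) (other stub resolvers differ); every name, address and the `collisions` helper are constructed for illustration.

```python
# Added illustration: stub-resolver search-list expansion and dotless names.
# Ordering follows the ndots rule described in resolv.conf(5); other stub
# resolvers behave differently. All names and addresses are constructed.

# Constructed internal (split-horizon) records.
INTERNAL = {
    "search.corp.example.com.": "10.0.0.5",
    "mail.corp.example.com.": "10.0.0.25",
}
# Constructed public records after a hypothetical delegation of "search"
# (with an address record at the TLD apex) and of "corp".
PUBLIC_AFTER = {
    "search.": "192.0.2.10",
    "mail.corp.": "192.0.2.25",
}
SEARCH_LIST = ["corp.example.com", "example.com"]


def candidates(name, search, ndots=1):
    """Return the fully qualified names tried for `name`, in order."""
    if name.endswith("."):
        return [name]                      # trailing dot: search list bypassed
    absolute = name + "."
    expanded = [f"{name}.{suffix}." for suffix in search]
    if name.count(".") >= ndots:
        return [absolute] + expanded       # enough dots: absolute name first
    return expanded + [absolute]           # dotless: search list first


def resolve(name, search, records, ndots=1):
    """Return (fqdn, address) of the first candidate present in `records`."""
    for fqdn in candidates(name, search, ndots):
        if fqdn in records:
            return fqdn, records[fqdn]
    return None, None


def collisions(short_names, search, delegated_tlds, ndots=1):
    """Classify short names whose rightmost label is a delegated TLD.

    "absolute-first": the public name is tried before the internal one.
    "search-first": the internal name wins only while the search list applies.
    """
    flagged = []
    for name in short_names:
        tld = name.rsplit(".", 1)[-1].lower()
        if tld not in delegated_tlds:
            continue
        first = candidates(name, search, ndots)[0]
        kind = "absolute-first" if first == name + "." else "search-first"
        flagged.append((name, kind))
    return flagged


def demo():
    before = dict(INTERNAL)
    after = {**INTERNAL, **PUBLIC_AFTER}
    return {
        # Same dotless name, two hosts: the answer depends on the search list.
        "office_dotless": resolve("search", SEARCH_LIST, after),
        "roaming_dotless": resolve("search", [], after),
        # Same host, same name: the answer changes once "corp" is delegated.
        "mail_corp_before": resolve("mail.corp", SEARCH_LIST, before),
        "mail_corp_after": resolve("mail.corp", SEARCH_LIST, after),
        "audit": collisions(["search", "mail.corp", "wiki"],
                            SEARCH_LIST, {"search", "corp"}),
    }


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label}: {result}")
```

Running the `collisions` check over an inventory of internal short names against the list of applied-for TLD strings shows which names depend on the search list for their current answer.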


Re: IAB Statement on Dotless Domains

2013-07-12 Thread John C Klensin
Hi.

I've been trying to stay out of the broader conversation here,
but it seems to have gone far enough into general issues...

Disclaimer and context: I felt that the DNS was better off with
deep hierarchy since before the work that led to RFC 1591
started.  I hadn't changed my mind when the NRC report [1] tried
to stress that it was much more important to look at navigation
issues than at how many names one could sell.  I felt the same
way during the gTLD-MOU effort and, during the period leading up
to ICANN, argued that generic TLDs should be encouraged to
compete on services, not only price.  I think we would have been
better off if we had called this critter the domain mnemonic
system because we may have been doomed as soon as the world
name and the folks who design user interfaces and marketing
campaigns caught up with each other.  For the same reason, I
thought TLD labels should be treated as codes with names being
a user interface property and have had misgivings about
top-level IDNs because I was concerned that they would
immediately introduce name translation problems [2].  I
haven't changed my mind much in the last several years and
believe that the only likely effect of having a few thousand
TLDs will be to increase the rate at which users --most of whom
already don't know the difference between a domain name and a
search term-- go to search engines rather than trying to
remember and use any but a very few domain names. I assume
there are folks around ICANN who aren't aware of those views and
the reasoning behind them, but it isn't because either my
versions of them or those of others have been a secret.

That said:

(1) It is clear to me that ICANN is committed to the
gTLD course --including generic terms, IDNs and
variants, and a number of other things that may be
ill-advised-- and that they, case-by-case decisions
about a few names notwithstanding, are not going to
change course unless something happens externally that
gives them no choice.

(2) In the context of the above, making statements at
this time is largely an effort in a**-covering: allowing
various entities to say, if something goes wrong, don't
blame us, we warned you.   If the IAB really wanted to
make a statement that might have affected the overall
situation, the window on that probably closed a year or
two ago.  Perhaps they should have done that, perhaps
not, but it is too late.

(3) If the IAB is going to make statements now, for
whatever reason, I believe those statements should be
technically comprehensive.  Because I don't expect such
statements to have any real effect, that has as much or
more to do with IAB long-term credibility as it does
with statement content.  For that reason, focusing this
one on the DNS and ignoring the applications
consequences is probably suboptimal.

(4) There may be an IETF community issue with how the
IAB is handling statements like this.  On the one hand,
I believe it is very important that the IAB be able to
reach conclusions and expose them to the wider world
without IETF consensus approval.  On the other, I think
that their taking advantage of that too often,
especially when there should be reason to believe that
there are useful perspectives in the community that they
may not have internally, represents poor judgment.
IMO, there has to be a balance, the IAB has to decide
where that balance lies, and the community's best
recourse if they regularly get it wrong involves
conversations with the Nomcom.

My own guess is that this new gTLD stuff is going to work out
badly for the Internet.  In one scenario, some new gTLD
applicants get the domains they asked for, things don't work out
as they expected when they applied (whether technically or
economically makes no difference) and they respond unhappily
(which might involve lawyers but probably doesn't really affect
the IETF or the Internet in a substantive way).  In another,
users go even more to search engines and the value of domain
names drops significantly.  That could, indirectly, have bad
effects on ISOC and how the IETF budget is supported.  In still
another, there could be some nasty effects on ICANN and/or its
leadership that could disrupt whatever balance now exists in
Internet governance and/or the interactions among players in,
e.g., the Internet protocol space.

But, IMO, the thing that all these issues and discussions
threads have in common is that we are in between the time that
different plans could have been made and the time that we find
out how things are really going to sort themselves out.  A
statement here and there aside, we mostly need to wait... and
debates about what happened in the past and why might be
interesting 

Re: IAB Statement on Dotless Domains

2013-07-12 Thread John R Levine

Since http://dotless won't work in any host that has a default domain
configured, ...


It's worse than that.  If there is a name dotless in the default domain, 
it'll find that one, otherwise it'll fall back to the TLD.


Point your browser at http://dk/ or http://tm/ and see what happens.

For extra fun, try https://dk/ or https://tm/

Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
I dropped the toothpaste, said Tom, crestfallenly.
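
Added example (not part of the original message or thread): a small Python model of the lookup order described above, following resolv.conf(5)-style search-list and ndots handling. The zone contents, the corp.example and lab.example search domains, and the function names are constructed for illustration; other resolvers may order lookups differently.

```python
# Added illustration: models resolv.conf(5)-style search-list handling.
# All names and the EXISTING set below are constructed sample data.

def candidates(name, search, ndots=1):
    """Return the fully qualified names a stub resolver tries, in order."""
    if name.endswith("."):
        return [name.lower()]          # absolute name: search list not applied
    name = name.lower()
    as_is = name + "."
    via_search = [f"{name}.{d.strip('.').lower()}." for d in search]
    if name.count(".") >= ndots:
        return [as_is] + via_search    # "enough" dots: try the name as typed first
    return via_search + [as_is]        # dotless: search list first, root last


def resolve(name, search, existing, ndots=1):
    """Return the first candidate present in `existing`, or None."""
    for fqdn in candidates(name, search, ndots):
        if fqdn in existing:
            return fqdn
    return None


# Constructed data: "dk." stands for a TLD with address records at its apex;
# "dk.corp.example." is an internal host that happens to share the label.
EXISTING = {"dk.", "dk.corp.example.", "www.example.com."}


def demo():
    """Same typed name, different answers depending on the host's search list."""
    return {
        "no search list": resolve("dk", [], EXISTING),
        "search corp.example": resolve("dk", ["corp.example"], EXISTING),
        "search lab.example": resolve("dk", ["lab.example"], EXISTING),
        "trailing dot": resolve("dk.", ["corp.example"], EXISTING),
        "dotted name": resolve("www.example.com", ["corp.example"], EXISTING),
    }


if __name__ == "__main__":
    for host, answer in demo().items():
        print(f"{host:22} -> {answer}")
```

Only the trailing-dot form is unambiguous; every other lookup of the bare label depends on the local search list and on which names exist in it.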



Re: IAB Statement on Dotless Domains

2013-07-12 Thread Olivier MJ Crepin-Leblond

On 12/07/2013 14:16, Phillip Hallam-Baker wrote:
 The DNS is going to go dotless. That is inevitable when people are
 paying a quarter million dollars to get a dotless domain from ICANN.
 Trying to control the situation with contractual language assumes that
 ICANN is going to forgo large amounts of revenue over a technical concern.

Not without a fight with at least one of its advisory committees.
http://atlarge-lists.icann.org/pipermail/alac/2013/003232.html

IMO, given the Advice, it would be unwise for ICANN to move forward with
dotless domains as it stands today.
Kind regards,

Olivier MJ Crépin-Leblond
ALAC Chair


Re: IAB Statement on Dotless Domains

2013-07-11 Thread Andrew Sullivan
Hi,

On Wed, Jul 10, 2013 at 08:23:36PM -0700, S Moonesamy wrote:

 responsibility about the RFC Series.  The IAB statement refers to
 RFCs from the www.faqs.org website.

Thanks for pointing this out.  It is indeed embarrassing.  This was a
clerical error.  We have fixed it.

By way of explanation: we used a wiki to develop the statement
collaboratively.  It turns out that the wiki software automatically
creates links to the faq.org listing of RFCs whenever RFC  shows
up in running text.  We failed to remove these (auto-generated) links
when we posted the statement on the IAB site, so that's why they
showed up.  We'll be more careful about this in future.

Best regards,

Andrew (as an IAB member)

-- 
Andrew Sullivan
a...@anvilwalrusden.com


Re: IAB Statement on Dotless Domains

2013-07-10 Thread Dave Crocker

On 7/10/2013 11:59 AM, Russ Housley wrote:

The IAB has made a statement on dotless domains.  You can find this statement 
here:
http://www.iab.org/documents/correspondence-reports-documents/2013-2/iab-statement-dotless-domains-considered-harmful/



It's unfortunate that the IAB did not choose to circulate a draft before 
releasing the Statement.  The Statement could have been made a bit 
stronger in the concern it expresses.


There's been a separate discussion on the SMTP mailing list about the 
ICANN SSAC report on the topic of dotless domains.


The report correctly notes that there are also email barriers to the use 
of dotless domains.


The report incorrectly attributes these to the email standards, which do 
not prohibit the use.  (To be fair the format standard RFC 2822, which 
was in force for a number of years, did have the prohibition, but 
neither its predecessor nor its successor -- the current standard 
RFC5322 -- carry the limitation.)


Rather, the SMTP mailing list confirmed common software implementation 
barriers, sometimes due to the DNS-related stricture.


More interesting were other concerns about possible attacks and 
configuration errors.  The example of localhost was cited.


d/

--
Dave Crocker
Brandenburg InternetWorking
bbiw.net


Re: IAB Statement on Dotless Domains

2013-07-10 Thread S Moonesamy

Hello,
At 11:59 10-07-2013, Russ Housley wrote:
The IAB has made a statement on dotless domains.  You can find this 
statement here:

http://www.iab.org/documents/correspondence-reports-documents/2013-2/iab-statement-dotless-domains-considered-harmful/


There was a report from the ICANN Security and Stability Advisory 
Committee in February 2012 on Dotless domains.  An IAB statement 
about Dotless Domains Considered Harmful is issued over a year 
after that.  I am surprised that a draft of the statement was not 
brought to the attention of the IETF participants who have been 
discussing the use of dotless domains on the SMTP mailing 
list.  To be fair, I should have read the minutes and enquired about 
the matter instead of commenting about the matter after the fact.


ICANN announced in May 2013 that it has commissioned a study on the 
potential risks related to dotless domain names based on SAC 053 
report.  The announcement mentioned that in June 2012 the ICANN 
Board directed staff to consult with the relevant communities 
regarding implementation of the recommendations in SAC 053.  One of 
the recommendations in SAC 053 is that:

  As a result, the SSAC also recommends that the use of DNS resource records such
   as A, AAAA, and MX in the apex of a Top-Level Domain (TLD) be contractually
   prohibited where appropriate and strongly discouraged in all cases.

I don't know whether the ICANN Board considers the IETF as a relevant 
community.  I read several IETF Fluff Area mailing lists.  I did not 
see any message about a consultation regarding that recommendation.


The IAB statement mentioned that:

  The IAB believes that SSAC report SAC053 [SAC053] is a reasonable summary
   of the technical problems that arise from the implementation of dotless
   domains.

I would describe the report as an adequate summary of the technical 
problems for a non-technical audience.


RFC 5321 was published in October 2008.  SAC053 references RFC 2821 
on Page 7.  It is odd that the members of the ICANN Security and 
Stability Advisory Committee were not aware that RFC 2821 was then 
considered as obsolete for over three years.


From the IAB statement:

  SAC053 does not, however, discuss the standards compliance aspect.

And from SAC053:

  Thus standard-compliant mail servers would reject emails to addresses such
   as user@brand.

The report mentions a standards compliance aspect.

From the IAB statement:

  The use of SHOULD for [RFC 1123 section 6.1.4.3] (b) is a recommendation
   against doing DNS queries for dotless domains.  RFC 2119 explains the meaning
   of SHOULD as follows:

and the statement quotes text from RFC 2119.  The meaning of the 
SHOULD in RFC 1123 is explained in RFC 1123.  RFC 1123 was 
published in October 1989.  RFC 2119 was published in March 1997.  I 
suspect that the IAB may have used time-travel technology for the 
discussion of standards conformance.


The IAB issued a statement about The interpretation of rules in the 
ICANN gTLD Applicant Guidebook in February 2012.  That report also 
refers to one of the specific TLD requirements set by RFC 1123.  It 
seems to me that the conversations with subject matter specialists 
were mainly about adding a string to the Root Zone and that the 
protocol-related issues might not have been conveyed clearly given 
that the IAB issued the statement about dotless domains in July 2013.


The IAB previously mentioned that it maintains its chartered 
responsibility about the RFC Series.  The IAB statement refers to 
RFCs from the www.faqs.org website.  It might be better to reference 
the rfc-editor.org links or else there may be a perception that the 
IAB is not aware of the most stable reference available.


Regards,
S. Moonesamy