[142088] in North American Network Operators' Group
Re: ICANN to allow commercial gTLDs
daemon@ATHENA.MIT.EDU (Jimmy Hess)
Fri Jun 17 21:26:48 2011
In-Reply-To: <30049498.622.1308349992330.JavaMail.root@benjamin.baylink.com>
Date: Fri, 17 Jun 2011 20:25:28 -0500
From: Jimmy Hess <mysidia@gmail.com>
To: Jay Ashworth <jra@baylink.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, Jun 17, 2011 at 5:33 PM, Jay Ashworth <jra@baylink.com> wrote:
> For me, the engineering problem remains *single-component FQDNs*. I
> can't itemize the code they'll break, but I'm quite certain there's a lot.
Perhaps we could get an update to the relevant RFCs.. clarifying that
only NS records may be dotless in the root namespace?
As in -- No hostnames A, MX, or CNAME at the TLD level.
The notion of a single-component FQDN would be quite a breakage for
the basic concept of using both FQDNs and Unqualified names.
Consider you have a hostname on your lan called "foobar", and
someone registers .foobar and lists an @ A in the foobar zone.
So... does "http://foobar" go to your LAN server?
If yes, then .foobar's @ record is worthless.
If no, then you have a security problem.... when .foobar
is suddenly registered without you knowing, and the @ A
gets pointed to a 'credentials stealing' site.
> Cheers,
> -- jra
--
-JH
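
Added example, not part of the original message: a simplified model of stub-resolver search-list ordering that plays out the two outcomes described above for the dotless name "foobar", plus a check an operator could run to flag internal short names that collide with a delegated TLD. The records, the search domain `corp.example`, the addresses and the `as_is_first` switch are constructed for illustration and do not describe any specific resolver implementation.

```python
# Constructed data: a LAN host "foobar" reachable through the search domain,
# and a hypothetical delegated TLD "foobar" with an apex (@) A record.
RECORDS = {
    "foobar.corp.example.": "192.0.2.10",   # LAN server (constructed)
    "foobar.": "203.0.113.66",              # apex A of the new TLD (constructed)
}
SEARCH = ["corp.example"]                   # assumed resolver search list


def candidates(name, search=SEARCH, ndots=1, as_is_first=False):
    """Return the fully qualified names a stub resolver would try, in order."""
    if name.endswith("."):                  # trailing dot: already absolute
        return [name]
    absolute = name + "."
    searched = [f"{name}.{suffix}." for suffix in search]
    # Names with fewer dots than ndots go through the search list first,
    # unless the (hypothetical) as_is_first policy is in force.
    if as_is_first or name.count(".") >= ndots:
        return [absolute] + searched
    return searched + [absolute]


def resolve(name, records=RECORDS, **kw):
    """First candidate with an A record wins; returns (fqdn, address)."""
    for fqdn in candidates(name, **kw):
        if fqdn in records:
            return fqdn, records[fqdn]
    return None, None


def shadowed_hosts(short_names, delegated_tlds):
    """Internal single-label names that collide with a delegated TLD."""
    tlds = {t.lower().strip(".") for t in delegated_tlds}
    return sorted(n for n in short_names if n.lower() in tlds)


if __name__ == "__main__":
    print(resolve("foobar"))                    # search list first: LAN wins
    print(resolve("foobar", as_is_first=True))  # as-is first: TLD apex wins
    print(shadowed_hosts(["foobar", "mail", "wiki"], ["com", "foobar"]))
```

With the search list tried first, the TLD's apex record is never reached by these clients; with the name tried as-is first, or once the LAN record disappears, the same URL lands on the TLD's address.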