[162451] in North American Network Operators' Group
Re: What do people use public suffix for?
daemon@ATHENA.MIT.EDU (Danny McPherson)
Tue Apr 16 22:19:39 2013
From: Danny McPherson <danny@tcb.net>
In-Reply-To: <m24nf7sckn.fsf@localhost.localdomain>
Date: Tue, 16 Apr 2013 22:19:21 -0400
To: Geoffrey Keating <geoffk@geoffk.org>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Apr 15, 2013, at 5:34 PM, Geoffrey Keating wrote:
>
> CAs use it as part of a procedure to determine whether it's safe to
> issue a wildcard domain (as in, if it's on the list, it's not safe). See
> <https://www.cabforum.org/Baseline_Requirements_V1_1_3.pdf>, section 11.1.3.
>
> They'd really like to have a process which is less ad-hoc. For
> example, it'd be great if these points were annotated in the DNS
> itself, perhaps with a record which points to the corresponding
> whois server.
Concur - I think codifying DNS's dynamic structure in an outside medium is only going to cause problems down the road (e.g., especially with namespace diffusion from the likes of new gTLDs, etc.).
While an unfortunate naming collision here (i.e., the "SOPA" RR), I think an approach such as [1] has some merit - but much work needs to be done.
-danny
[1] http://tools.ietf.org/html/draft-sullivan-domain-origin-assert-02