"John Levine" <johnl@iecc.com> writes:
The public suffix list contains points in the DNS where (roughly speaking) names below that point are under different management from each other and from that name. It's here: http://publicsuffix.org/
The idea is that abc.foo.com and xyz.foo.com have the same management, but abc.co.uk and xyz.co.uk do not.
You don't have to tell me that it's a gross crock, but it seems to be a useful one. What do people use it for? ...
CAs use it as part of a procedure to determine whether it's safe to issue a wildcard domain (as in, if it's on the list, it's not safe). See <https://www.cabforum.org/Baseline_Requirements_V1_1_3.pdf>, section 11.1.3. They'd really like to have a process which is less ad-hoc. For example, it'd be great if these points were annotated in the DNS itself, perhaps with a record which points to the corresponding whois server.