On 07/11/2013 03:57 PM, Geoffrey Keating wrote:
Mark Andrews <marka@isc.org> writes:
In message <krmkg2$flc$1@ger.gmane.org>, Chris Hills writes:
Whilst I am not a fan of dotless domains, as long as one uses the fully qualified domain name (e.g. http://ac./), there should not be any trouble using it in any sane software. It seems that most people aren't aware these days that a fqdn includes the trailing period (by definition).
No it does not. Period at the end is a local convention to stop searching on some platforms. It is not syntactically legal. Note the words 'a sequence of domain labels separated by "."'. Periods at the end are NOT legal.
RFC 1738
host The fully qualified domain name of a network host, or its IP address as a set of four decimal digit groups separated by ".". Fully qualified domain names take the form as described in Section 3.5 of RFC 1034 [13] and Section 2.1 of RFC 1123 [5]: a sequence of domain labels separated by ".", each domain label starting and ending with an alphanumerical character and possibly also containing "-" characters. The rightmost domain label will never start with a digit, though, which syntactically distinguishes all domain names from the IP addresses.
That was fixed in RFC 2396:
... which has the title, "Uniform Resource Identifiers (URI): Generic Syntax," so not necessarily a treatise on host name syntax. :)
host = hostname | IPv4address
hostname = *( domainlabel "." ) toplabel [ "." ]
... The rightmost domain label of a fully qualified domain name will never start with a digit, thus syntactically distinguishing domain names from IPv4 addresses, and may be followed by a single "." if it is necessary to distinguish between the complete domain name and any local domain.
However, I think it's safe to say this is an edge case and chances are you'll have trouble using dotless domains with some software and processes.
Right-o. And even if 2396 was authoritative, the "may" in "may be followed" highlights the point Mark made earlier: Such syntax is not universally recognized over all operating systems, or even all applications. And that's totally aside from the difficulty in user education.
For example, you'll probably have trouble getting an SSL certificate.
Given that some CAs have already issued certs for host names that are not valid in the public DNS now, and have been doing so for years, dotless domains may have a higher barrier to entry for SSL, but the barrier is not infinitely high.

All that said, I am a proponent of the slightly heretical view that ICANN should not prohibit this for gTLDs, however I do think they should provide good user education as to why it will likely be a bad idea. The key factor for me is that the ccTLDs are already doing it, and there is nothing ICANN can do to stop them from doing so. Thus it would be "unfair" in a philosophical sense for ICANN to restrict the gTLDs in this manner. (I think one could even make an argument that for ICANN to attempt to do so would be restraint of trade, but IANAL.)

While I recognize that widespread use of dotless domains would undoubtedly break stuff in the short term, I also think that both application and OS developers would adapt to the changing landscape over time. It's also worth mentioning that at least some of the things that would "break" in the short term are things we've been telling people for many years not to do in the first place ...

Doug
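
The following Python sketch is an added illustration, not part of the original message or thread. It encodes the two hostname grammars quoted above (RFC 1738 and RFC 2396) so the trailing-dot difference can be checked directly. The `domainlabel` and `toplabel` patterns follow the RFCs' own definitions, which the message does not quote. The function names and the `same_host` normalization are assumptions made for the example.

```python
import re

# Label rules as defined in both RFCs (ASCII letters, digits, "-").
# domainlabel: starts and ends with an alphanumeric character.
DOMAINLABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?"
# toplabel: same, but the first character must be a letter, which is
# what distinguishes a hostname from an IPv4 address.
TOPLABEL = r"[A-Za-z](?:[A-Za-z0-9-]*[A-Za-z0-9])?"

# RFC 1738: labels separated by ".", no trailing dot allowed.
RFC1738_HOSTNAME = re.compile(rf"(?:{DOMAINLABEL}\.)*{TOPLABEL}")
# RFC 2396: hostname = *( domainlabel "." ) toplabel [ "." ]
RFC2396_HOSTNAME = re.compile(rf"(?:{DOMAINLABEL}\.)*{TOPLABEL}\.?")


def classify(host: str) -> dict:
    """Report which of the two grammars accepts `host` as a hostname."""
    return {
        "rfc1738": RFC1738_HOSTNAME.fullmatch(host) is not None,
        "rfc2396": RFC2396_HOSTNAME.fullmatch(host) is not None,
    }


def same_host(a: str, b: str) -> bool:
    """Compare two hostnames after dropping a single trailing dot and
    folding case (hypothetical helper). Code that compares host strings
    without this step treats "ac." and "ac" as different names."""
    def norm(h: str) -> str:
        return (h[:-1] if h.endswith(".") else h).lower()
    return norm(a) == norm(b)


if __name__ == "__main__":
    # Constructed sample inputs, including the dotless name from the thread.
    for h in ["ac", "ac.", "example.com.", "example.com..", "10.0.0.1"]:
        print(f"{h!r:18} {classify(h)}")
```
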