Feeds

Dot-brand explosion will shell-shock lazy coders - ICANN

Devs urged to swot up on parsing new domain extensions

Intelligent flash storage arrays

Millions of internet users face being locked out of popular websites unless software developers pay attention to the forthcoming explosion in new top-level domain names.

Domain name overseer ICANN told El Reg this week that developers and webmasters need to track the progress of its new gTLD programme, which is expected to start pumping out new right-of-the-dot addresses as early as the first quarter next year.

Kim Davies, ICANN's manager of root zone services, said that the organisation is planning a brainstorming session at its public meeting in Costa Rica next month to figure out ways to encourage the "universal acceptance" of gTLDs.

When ICANN approved its first batch of new gTLDs – such as .info and .museum – in 2000, users found that in many cases software would not recognise these new addresses as domain names. Even today, web-based registration forms will sometimes reject email addresses that end in .info and encourage folk to enter a "valid" email address instead.

Newer gTLDs, such as .xxx, which launched in December, have experienced similar teething troubles.

For example, if you type http://example.com during a Skype instant message conversation, the software will automatically render it as a clickable link. If, however, you type http://example.xxx, it will render as plain text. For several months last year some Twitter applications did not recognise .xxx as a domain.

These problems often show up because developers use string length or a hard-coded list of known TLDs to determine whether something is a domain name, according to Davies.

Because gTLDs such as .com and .org and country-codes such as .uk and .au are the most commonly used addresses, sometimes address validation algorithms are designed to reject TLDs longer than three characters. Other applications use outdated lists of TLDs that do not include recent additions.

This lack of acceptance could become even more problematic when ICANN starts approving new gTLDs such as .music, .london and .canon, and people start using them.

"If you're doing a domain check, checking for valid TLD, ask yourself why you are doing it," Davies said. "Most of the time you don't need to be doing that check at all. If you do need to do a check, the best way to do it is to use DNS. You get a response in milliseconds."

For offline applications that cannot access DNS immediately, ICANN publishes a free daily list of which TLDs are live in the internet's domain name root zone. It also has released several free reference implementations at Github.

"The technology is pretty settled, the issue now is awareness," Davies said.

Calling International Rescue

But the new gTLD programme is also going to throw up another wrinkle that could confuse developers and web masters – top-level Internationalised Domain Names (IDNs).

These are domain names that are displayed in anything other than the Latin script used in English. One Russian company, for example, plans to apply to ICANN for .ДЕТИ, which means .children.

"It's not just the .museums or .infos that need support, now it's the .chinas or domains written in Cyrillic," Davies said.

IDNs are designed to be displayed in a variety of scripts using the Unicode standard, but they are stored in the DNS as ASCII strings that begin with the prefix xn--.

Software needs to be able to translate the original-script "U-label" into the DNS-compatible "A-label" using the IDNA 2008 standard, Davies said. There are several open-source IDNA 2008 libraries developers can use, such as this one, he said.

ICANN will use its session in Costa Rica on 14 March to reach out to domain name registries, registrars and other interested parties for ideas about how to encourage acceptance. Those unable to attend in person will be able to remotely participate via the ICANN website.

"There's a notion that maybe we should keep track of notable websites and software and their level of support," Davies said. "Maybe we can find some high-value targets and make sure that key websites or key pieces of software support these TLDs."

However, Davies acknowledged that the market may take care of the problem by itself. While previous new gTLD introductions have been small enough to fly under the radar of many developers, ICANN is expecting over 1,000 applications for new gTLDs this time around.

With many of these expected to be "dot-brand" addresses owned by technology companies, awareness of the need for gTLD acceptance could spread virally quite quickly.

"With the proliferation of many more TLDs I think awareness will naturally increase," Davies said. "I think the rising tide will lift all boats." ®

Beginner's guide to SSL certificates

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Broadband sellers in the UK are UP TO no good, says Which?
Speedy network claims only apply to 10% of customers
Virgin Media struck dumb by NATIONWIDE packet loss balls-up
Turning it off and on again fixes glitch 12 HOURS LATER
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
Ofcom tackles complaint over Premier League footie TV rights
Virgin Media: UK fans pay the most for the fewest matches
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The hidden costs of self-signed SSL certificates
Exploring the true TCO for self-signed SSL certificates, including a side-by-side comparison of a self-signed architecture versus working with a third-party SSL vendor.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.