Feeds

Dot-brand explosion will shell-shock lazy coders - ICANN

Devs urged to swot up on parsing new domain extensions

Choosing a cloud hosting partner with confidence

Millions of internet users face being locked out of popular websites unless software developers pay attention to the forthcoming explosion in new top-level domain names.

Domain name overseer ICANN told El Reg this week that developers and webmasters need to track the progress of its new gTLD programme, which is expected to start pumping out new right-of-the-dot addresses as early as the first quarter next year.

Kim Davies, ICANN's manager of root zone services, said that the organisation is planning a brainstorming session at its public meeting in Costa Rica next month to figure out ways to encourage the "universal acceptance" of gTLDs.

When ICANN approved its first batch of new gTLDs – such as .info and .museum – in 2000, users found that in many cases software would not recognise these new addresses as domain names. Even today, web-based registration forms will sometimes reject email addresses that end in .info and encourage folk to enter a "valid" email address instead.

Newer gTLDs, such as .xxx, which launched in December, have experienced similar teething troubles.

For example, if you type http://example.com during a Skype instant message conversation, the software will automatically render it as a clickable link. If, however, you type http://example.xxx, it will render as plain text. For several months last year some Twitter applications did not recognise .xxx as a domain.

These problems often show up because developers use string length or a hard-coded list of known TLDs to determine whether something is a domain name, according to Davies.

Because gTLDs such as .com and .org and country-codes such as .uk and .au are the most commonly used addresses, sometimes address validation algorithms are designed to reject TLDs longer than three characters. Other applications use outdated lists of TLDs that do not include recent additions.

This lack of acceptance could become even more problematic when ICANN starts approving new gTLDs such as .music, .london and .canon, and people start using them.

"If you're doing a domain check, checking for valid TLD, ask yourself why you are doing it," Davies said. "Most of the time you don't need to be doing that check at all. If you do need to do a check, the best way to do it is to use DNS. You get a response in milliseconds."

For offline applications that cannot access DNS immediately, ICANN publishes a free daily list of which TLDs are live in the internet's domain name root zone. It also has released several free reference implementations at Github.

"The technology is pretty settled, the issue now is awareness," Davies said.

Calling International Rescue

But the new gTLD programme is also going to throw up another wrinkle that could confuse developers and web masters – top-level Internationalised Domain Names (IDNs).

These are domain names that are displayed in anything other than the Latin script used in English. One Russian company, for example, plans to apply to ICANN for .ДЕТИ, which means .children.

"It's not just the .museums or .infos that need support, now it's the .chinas or domains written in Cyrillic," Davies said.

IDNs are designed to be displayed in a variety of scripts using the Unicode standard, but they are stored in the DNS as ASCII strings that begin with the prefix xn--.

Software needs to be able to translate the original-script "U-label" into the DNS-compatible "A-label" using the IDNA 2008 standard, Davies said. There are several open-source IDNA 2008 libraries developers can use, such as this one, he said.

ICANN will use its session in Costa Rica on 14 March to reach out to domain name registries, registrars and other interested parties for ideas about how to encourage acceptance. Those unable to attend in person will be able to remotely participate via the ICANN website.

"There's a notion that maybe we should keep track of notable websites and software and their level of support," Davies said. "Maybe we can find some high-value targets and make sure that key websites or key pieces of software support these TLDs."

However, Davies acknowledged that the market may take care of the problem by itself. While previous new gTLD introductions have been small enough to fly under the radar of many developers, ICANN is expecting over 1,000 applications for new gTLDs this time around.

With many of these expected to be "dot-brand" addresses owned by technology companies, awareness of the need for gTLD acceptance could spread virally quite quickly.

"With the proliferation of many more TLDs I think awareness will naturally increase," Davies said. "I think the rising tide will lift all boats." ®

Security for virtualized datacentres

More from The Register

next story
TEEN RAMPAGE: Kids in iPhone 6 'Will it bend' YouTube 'prank'
iPhones bent in Norwich? As if the place wasn't weird enough
Consumers agree to give up first-born child for free Wi-Fi – survey
This Herod network's ace – but crap reception in bullrushes
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Sea-Me-We 5 construction starts
New sub cable to go live 2016
New EU digi-commish struggles with concepts of net neutrality
Oettinger all about the infrastructure – but not big on substance
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
EE coughs to BROKEN data usage metrics BLUNDER that short-changes customers
Carrier apologises for 'inflated' measurements cockup
Comcast: Help, help, FCC. Netflix and pals are EXTORTIONISTS
The others guys are being mean so therefore ... monopoly all good, yeah?
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.