Feeds

Internet overlords deny Google's 'dotless' domains dream

Chocolate Factory's 'http://search' plan may 'harm security of internet'

Next gen security for virtualised datacentres

The Internet Architecture Board (IAB) has issued a statement in which it all-but-rules-out Google's plan to take over some new top-level domains and offer them in “dotless” configurations that would enable web addresses like “http://search".

Google outlined its plans for .search, .app and cloud back in April. The idea of Google owning or operating the domains earned a frosty reception.

Now the IAB, a a committee of the Internet Engineering Task Force (IETF) that among other things “ … provides oversight of, and occasional commentary on, aspects of the architecture for the protocols and procedures used by the Internet” has put the kybosh on the idea.

The Board's reasons why are explained here in a statement that says “dotless domains will not work as intended by TLD operators in the vast majority of cases” because the Internet wasn't built to support them.

Such domains can work, the statement says, if organisations configure their own “search lists” to make them possible. That's even a feature of DNS, “ … because most users entering single-label names want them to be resolved in a local context, and they do not expect a single name to refer to a TLD.”

But not everyone does so, which means “dotless domains will not behave consistently across various locations”.

That leads the IAB to suggest “they have the potential to confuse users and erode the stability of the global DNS”. Worse still, dotless domains may hurt internet security. Here's why:

“By attempting to change expected behavior, dotless domains introduce potential security vulnerabilities. These include causing traffic intended for local services to be directed onto the global Internet (and vice-versa), which can enable a number of attacks, including theft of credentials and cookies, cross-site scripting attacks, etc. As a result, the deployment of dotless domains has the potential to cause significant harm to the security of the Internet.”

The Board concludes that it “believes that the current IETF recommendations against the use of dotless domains are important to the continued viability and success of the Internet, and strongly recommends that the Internet community strictly adhere to them.” ®

The essential guide to IT transformation

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
Death by 1,000 cuts: Mainstream storage array suppliers are bleeding
Cloud, all-flash kit, object storage slicing away at titans of storage
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
VMware vaporises vCHS hybrid cloud service
AnD yEt mOre cRazy cAps to dEal wIth
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?