It's official: .corp, .home, .mail will never be top-level domains on the 'net
Sigh with relief, fellow geeks, if you're using them on your home or business network
You will never be able to own an official .home, .mail or .corp domain name or email address on the public internet.
It means if you have machines called things like storage.home or buildserver.corp on your home or private business network, you can be sure no one will be able to buy domains like storage.home or buildserver.corp, thus sparing you the messy situation of client PCs accidentally connecting to the wrong box, depending on their DNS settings.
It's bad news for phishers and other miscreants, and a relief for network managers.
The decision to axe the trio of dot-words from the public 'net was finally reached by domain-name system overseer ICANN at a recent board meeting, six years after 20 companies paid the organization $185,000 apiece to get hold of the online real estate.
The three dot-words have been officially banned as top-level domains because of the widespread conflicts that DNS experts are certain would result if they were added to the public internet: all three words are used extensively by sysadmins, webmasters, and tech geeks for testing and other systems on internal networks.
Those organizations that coughed up cash to be in the running to oversee the top-level domains will be given a full refund, ICANN said, in what it clearly considers an act of generosity. It notes that it doesn't officially have to hand the full sum back, but that it will do so out of "fairness." The applicants are no doubt giddy with excitement.
"In reviewing the options described above, the Board considered the impact of providing a standard versus a full refund," the February meeting minutes noted. "The total estimated cost of providing all remaining 20 applicants the standard refund is $1,300,000, whereas the cost associated with a full refund is $3,700,000."
That leaves ICANN with just $95.8m remaining in its New gTLD Program funds – the cash it collected from allowing an explosion in dot-word domains – as well as the $240m it received through auctions of these generic top-level domains. And the $130m in annual income it receives from registries and the registrars that sell domain names.
The applications for .home, .corp and .mail were received back in early 2012 when the internet's addressing system was opened up to anyone who wanted to run a generic top-level domain and was willing to pay.
As expected, a number of those applications proved controversial. But from a technical perspective, the most troublesome were those that threatened to conflict with domain names that have been used for years for intranets and DNS testing.
One year after the applications had come in, ICANN's Security and Stability Advisory Committee (SSAC) warned that "name collisions" could be a significant problem since some digital certificates and network configurations had top-level domain names – such as .test or .corp – hardcoded into them that were for internal use only, and were never intended to potentially resolve to public addresses.
That report led to the ICANN board commissioning a study two months later to look into the issue. Three months later, that report arrived – and noted that .home and .corp were by far the most frequently used domains on private networks. It argued that they should not be added to the public internet.
Two months after that – October 2013 – ICANN approved a plan for dealing with name collision. But the organization was swamped with work stemming from the thousands of other dot-word applications, and it took another nine months to formally designate .corp, .home and .mail as "high risk" extensions.
They weren't banned, however. They were simply deferred indefinitely, meaning that ICANN sat on the $3.7m it had been given to process applications for the names.
Another 15 months passed while yet another group dug into the issue. In a parallel effort, networking gurus at the Internet Engineering Task Force (IETF) attempted to add the three dot-words to an official list of generic top-level domain names banned from being added to the public internet. The IETF failed to reach agreement, however, and abandoned its effort.
At this point – more than four years after they had applied – the companies hoping to run .corp, .home or .mail had had enough, and in August 2016 sent a formal letter asking for the issue to be resolved and demanded that ICANN commission a report that would examine how to lift the indefinite deferral.
ICANN'T be expected to work fast
Another 15 months later, and on November 2, 2017 the ICANN board finally asked the SSAC – which wrote its first report nearly five years earlier – to look at the issue again, specifically with respect to .home, .corp and .mail, and report back. At the same time it also asked its own staff to look into the issue.
The staff got back in just over a month with "various options" – all of which appear to have recommended rejecting the applications permanently. The only real decision was whether to give the applicants all their money back or only a third of it.
The other sticking point was whether to give the organizations that had waited six years to hear back some kind of priority when applications are opened again later – at some still unspecified date – to expand the domain-name system again.
ICANN's board went with the staff report and decided on the full refund, in large part because the DNS overlord had never warned companies that names like .home, .corp or .mail may not be approved. But it decided against giving them any kind of priority in future.
"Taking this action will help support ICANN's mission and is the public interest to ensure the stable and secure operation of the Internet's unique identifier systems," the board minutes argued. "This action benefits the ICANN community as it provides transparency and predictability to the applicants for .CORP, .HOME, and .MAIL."
So there you have it. It took six years, but it's official: the dot-words .corp, .home and .mail are considered so central to private networks' internal functioning that they can't be allowed onto the public internet. ®