NordVPN Promotion

Home / Blogs

More Problems Crop Up With Universal Acceptance of Top Level Domains

I’ve often found truth in the famous George Santayana quote, “Those that cannot remember the past are doomed to repeat it.” That’s an apt warning for what is currently happening—again—with the hundreds of new generic Top Level Domains (gTLDs) that are launching ... and failing to work as expected on the Internet.

First, a quick refresher: As most CircleID readers know, in the early 2000s, seven new gTLDs were launched: .AERO, .BIZ, .COOP, .INFO, .MUSEUM, .NAME and .PRO. Aside from Country Code TLDs (ccTLDs), these were the first top-level changes to the DNS since the early days of the Internet.

Any TLDs that were more than three characters long promptly ran into usability issues. I know this from first-hand experience with .INFO, for which my company, Afilias, is the registry operator. With .INFO’s position as the most popular of all new gTLDs, I spent a good part of my time, in the first five years after .INFO launched, working with vendors to get their systems to accept .INFO email addresses and .INFO domain names as valid. Now, 13 years later, it’s still possible to find systems that reject .INFO addresses. From that experience, I developed my three rules of TLD acceptance.

Mohan’s Three Rules of TLD Acceptance:

  1. An old TLD will be accepted more often than a new TLD.
  2. An ASCII-only TLD will be accepted more than an IDN TLD.
  3. A two or three letter TLD will be accepted more often than a longer ccTLD or gTLD.

Web browsers use different algorithms to improve security and certificate processing. They also have varying rules for how to deal with a website address in a top-level domain that the browser does not recognize (including the use of a technique called search-list processing, which sometimes exacerbates the problem). The use of different algorithms combined with search-list processing can pierce the boundary between private and public administration of namespaces. In addition, many applications and apps that use the Internet still refer to a locally held (and quickly outdated) list of “valid” TLD names, rather than using the DNS to determine domain name validity, despite being warned away from this approach in the IETF’s RFC 3696.

While the issue of universal acceptance never really got solved, the topic takes on heightened importance due to the creation of hundreds of new top-level domains on the Internet. In the earlier set of new TLDs, the primary problem occurred for TLD strings with a length of more than three characters. However, in the current crop of new TLDs, even three character strings get caught in the mix. What was previously considered primarily an infrastructure-level issue is now poised to become a major user-level issue, with negative impact on both the regular Internet user and inside corporations.

In 2003 ICANN’s Security and Stability Advisory Committee (SSAC), of which I am a member, studied problems with the support of new top-level domains by infrastructure and software providers and made several recommendations, including:

  • Internet infrastructure providers that have their own customised software for Internet service provision should test the capability of the software to support new TLDs, and correct problems quickly where they are found.
  • Internet software application developers should be encouraged to review their software for support of new TLDs. Where problems are found, application developers should upgrade their software, and provide these updates to their user base.
  • A central repository of known, commonly used software that has compatibility problems (e.g., DNS resolver software used by common operating systems) with new TLDs, and instructions for how to upgrade the software should be created. This repository would facilitate Internet infrastructure providers and software application developers to provide necessary software updates to users of the Internet to resolve known compatibility issues.

That was over a decade ago! It’s somewhat astonishing that these recommendations are as valid today as they were then, and that readiness is still not measurable.

For example, try to resolve a new TLD such as .email or .onl using a mobile Android device. On my Android phone, typing in www.nic.onl is rejected by the browser and handed off to be treated as a search query, not a DNS query. However, if you typed in the same web addresses on a browser—Chrome, Internet Explorer, Firefox or Safari—in a desktop environment, they go to the right destination, The experience varies even further if you try to resolve a multilingual (Internationalized Domain Name or IDN) top level domain on your browser or email system—and over 100 internationalized top level domains are being activated on the Internet this year. For instance, typing in www.nic.?? or www.nic.xn—6frz82g, the newly delegated .MOBI TLD in Chinese, Safari shows the ASCII string only in the address bar, while Chrome and Firefox show the Chinese string; Internet Explorer dumps it to a search result screen, Users deserve to be taken to the correct destination when they type in an address in their browsers, regardless of the type of device they use or language they type the address in.

The problem isn’t technical in nature; we know how to address the technical issues. What’s needed is coordination and collaboration between far removed actors in the Internet world, so that the software and systems they create can act in a standard way and return a predictable experience to users. The era of hundreds of new TLDs requires new energy, focus and cooperation. New gTLD owners, software developers, network providers and infrastructure companies must work together to ensure their software, browsers, forms, apps, email and other systems are compliant and can handle all delegated new TLDs.

The stakes are even higher than they were in 2001, when I first encountered serious problems with the universal acceptance of .INFO, followed thereafter by .AERO and .MOBI. The need for a coordinated response and clearly visible results to the universal acceptance challenge has never been greater; not doing so could deal a devastating blow to the utility, relevance and legitimacy of all new top level domains. Ensuring universal acceptance should become one of the foremost priorities of all entities engaged in the Domain Name System and using the Internet.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Ram Mohan, Chief Operating Officer at Afilias

Mr. Mohan brings over 20 years of technology leadership experience to Afilias and the industry.

Visit Page

Filed Under

Comments

Ram,I agree that we need coordination and Alex Tajirian  –  Feb 7, 2014 8:11 PM

Ram,
I agree that we need coordination and collaboration, but it must also encompass additional parties to fight a new flood of signal confusions, cybersquatting, phishing, and security breaches. It must involve registries, webhosting companies, parking/monetization companies, and ICANN.

I am also not sure about your third rule, “A three-letter gTLD will be accepted more often than a longer ccTLD or gTLD.” I don’t understand what you mean by “accepted” and “a longer ccTLD.”

Hi Alex,I'm glad you agree that more Ram Mohan  –  Feb 7, 2014 10:03 PM

Hi Alex, I'm glad you agree that more collaboration is needed. You're spot on about the wide range of parties who need to be actively engaged, as well as the need for an organization to coordinate this - perhaps ICANN, perhaps the W3C, perhaps others? Regarding my third rule - new IDN ccTLDs are more than 3 characters long. They will run into the same problem of software and systems that discriminate against TLDs that are more than 3 characters long. Therefore a 3 letter gTLD will be accepted more than a longer gTLD or ccTLD. Many email systems, web applications, forms and applications on the Internet, and systems and hardware have at best obsolete rules about what constitutes a valid TLD and at worst have completely wrong rules about what constitutes a valid TLD (see RFC 3696 reference above). This ecosystem should be able to handle the introduction of new TLD's without requiring a full scale revamp each time. The DNS itself handles this well - new names can be introduced and nameservers are updated within minutes. The big change is that universal acceptance has now moved from "infrastructure" to mainstream, and the impact could be significant. -Ram

Ram, Thanks for the clarification. Alex Tajirian  –  Feb 7, 2014 11:34 PM

Ram, Thanks for the clarification.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

NordVPN Promotion