On topic of dotless domains

Doug Barton dougb at dougbarton.us
Thu Jul 11 23:27:58 UTC 2013

On 07/11/2013 03:57 PM, Geoffrey Keating wrote:
> Mark Andrews <marka at isc.org> writes:
>> In message <krmkg2$flc$1 at ger.gmane.org>, Chris Hills writes:
>>> Whilst I am not a fan of dotless domains, as long as one uses the fully
>>> qualified domain name (e.g. http://ac./), there should not be any
>>> trouble using it in any sane software. It seems that most people aren't
>>> aware these days that a fqdn includes the trailing period (by definition).
>> No it does not.  Period at the end is a local convention to stop
>> searching on some platforms.  It is not syntactically legal.  Note
>> the words 'a sequence of domain labels separated by "."'.  Periods
>> at the end are NOT legal.
>> RFC 1738
>>      host
>>          The fully qualified domain name of a network host, or its IP
>>          address as a set of four decimal digit groups separated by
>>          ".". Fully qualified domain names take the form as described
>>          in Section 3.5 of RFC 1034 [13] and Section 2.1 of RFC 1123
>>          [5]: a sequence of domain labels separated by ".", each domain
>>          label starting and ending with an alphanumerical character and
>>          possibly also containing "-" characters. The rightmost domain
>>          label will never start with a digit, though, which
>>          syntactically distinguishes all domain names from the IP
>>          addresses.
> That was fixed in RFC 2396:

... which has the title, "Uniform Resource Identifiers (URI): Generic 
Syntax," so not necessarily a treatise on host name syntax. :)

>        host          = hostname | IPv4address
>        hostname      = *( domainlabel "." ) toplabel [ "." ]
>     ... The rightmost
>     domain label of a fully qualified domain name will never start with a
>     digit, thus syntactically distinguishing domain names from IPv4
>     addresses, and may be followed by a single "." if it is necessary to
>     distinguish between the complete domain name and any local domain.
> However, I think it's safe to say this is an edge case and chances are
> you'll have trouble using dotless domains with some software and
> processes.

Right-o. And even if 2396 was authoritative, the "may" in "may be 
followed" highlights the point Mark made earlier: Such syntax is not 
universally recognized over all operating systems, or even all 
applications. And that's totally aside from the difficulty in user 

> For example, you'll probably have trouble getting a SSL
> certificate.

Given that some CAs have already issued certs for host names that are 
not valid in the public DNS now, and have been doing so for years, 
dotless domains may have a higher barrier to entry for SSL, but the 
barrier is not infinitely high.

All that said, I am a proponent of the slightly heretical view that 
ICANN should not prohibit this for gTLDs, however I do think they should 
provide good user education as to why it will likely be a bad idea. The 
key factor for me is that the ccTLDs are already doing it, and there is 
nothing ICANN can do to stop them from doing so. Thus it would be 
"unfair" in a philosophical sense for ICANN to restrict the gTLDs in 
this manner. (I think one could even make an argument that for ICANN to 
attempt to do so would be restraint of trade, but IANAL.)

While I recognize that widespread use of dotless domains would 
undoubtedly break stuff in the short term, I also think that both 
application and OS developers would adapt to the changing landscape over 
time. It's also worth mentioning that at least some of the things that 
would "break" in the short term are things we've been telling people for 
many years not to do in the first place ...


More information about the NANOG mailing list