Independent Submission                                         J. Levine
Request for Comments: 7085                          Taughannock Networks
Category: Informational                                       P. Hoffman
ISSN: 2070-1721                                Cybersecurity Association
                                                           December 2013
        
Independent Submission                                         J. Levine
Request for Comments: 7085                          Taughannock Networks
Category: Informational                                       P. Hoffman
ISSN: 2070-1721                                Cybersecurity Association
                                                           December 2013
        

Top-Level Domains That Are Already Dotless

已无点的顶级域

Abstract

摘要

Recent statements from the Internet Architecture Board (IAB) and the Internet Corporation of Assigned Names and Numbers (ICANN) Security and Stability Advisory Committee have focused on the problems that the DNS is likely to experience with top-level domains (TLDs) that contain address records (so-called "dotless domains"). In order to help researchers determine the extent of the issues with dotless domains, this document lists the current dotless TLDs and gives a script for finding them. This document lists data about dotless TLDs but does not address the policy and technology issues other than to point to the statements of others.

互联网体系结构委员会(IAB)和互联网名称和数字分配公司(ICANN)安全与稳定咨询委员会最近发表的声明集中讨论了DNS在包含地址记录的顶级域(TLD)(所谓的“无点域”)中可能遇到的问题。为了帮助研究人员确定无点域问题的范围,本文档列出了当前的无点TLD,并给出了查找它们的脚本。本文件列出了关于无点TLD的数据,但并未涉及政策和技术问题,只是指向其他人的声明。

Status of This Memo

关于下段备忘

This document is not an Internet Standards Track specification; it is published for informational purposes.

本文件不是互联网标准跟踪规范;它是为了提供信息而发布的。

This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

这是对RFC系列的贡献,独立于任何其他RFC流。RFC编辑器已选择自行发布此文档,并且未声明其对实现或部署的价值。RFC编辑批准发布的文件不适用于任何级别的互联网标准;见RFC 5741第2节。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7085.

有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7085.

Copyright Notice

版权公告

Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved.

版权所有(c)2013 IETF信托基金和确定为文件作者的人员。版权所有。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。

Table of Contents

目录

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Current Dotless Domains . . . . . . . . . . . . . . . . . . .   3
     2.1.  TLDs with A Records . . . . . . . . . . . . . . . . . . .   3
     2.2.  TLDs with AAAA Records  . . . . . . . . . . . . . . . . .   3
     2.3.  TLDs with MX Records  . . . . . . . . . . . . . . . . . .   4
   3.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   4
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   5
   5.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   5
   6.  Informative References  . . . . . . . . . . . . . . . . . . .   5
   Appendix A.  Script for Finding Dotless Domains . . . . . . . . .   6
        
   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Current Dotless Domains . . . . . . . . . . . . . . . . . . .   3
     2.1.  TLDs with A Records . . . . . . . . . . . . . . . . . . .   3
     2.2.  TLDs with AAAA Records  . . . . . . . . . . . . . . . . .   3
     2.3.  TLDs with MX Records  . . . . . . . . . . . . . . . . . .   4
   3.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   4
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   5
   5.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   5
   6.  Informative References  . . . . . . . . . . . . . . . . . . .   5
   Appendix A.  Script for Finding Dotless Domains . . . . . . . . .   6
        
1. Introduction
1. 介绍

In the past few years, well-respected groups have issued documents about top-level domains in the DNS that contain address records (so-called "dotless domains"). The Security and Stability Advisory Committee (SSAC) of the Internet Corporation for Assigned Names and Numbers (ICANN) issued a report called "Report on Dotless Domains" [SAC053] in February 2012. The Internet Architecture Board (IAB) issued a statement called "Dotless Domains Considered Harmful" [IAB-DOTLESS] in July 2013. The New gTLD Program Committee of the ICANN Board of Directors (NGPC) approved a resolution on dotless domains [NGPC-DOTLESS] in August 2013. (The authors of this document note that they are not on the SSAC, the IAB, or the ICANN Board.)

在过去几年中,备受尊敬的团体发布了关于DNS中包含地址记录的顶级域(所谓的“无点域”)的文档。互联网名称和号码分配公司(ICANN)的安全与稳定咨询委员会(SSAC)于2012年2月发布了一份名为“无点域名报告”[SAC053]的报告。互联网体系结构委员会(IAB)于2013年7月发布了一份名为“被认为有害的无点域名”[IAB-Dotless]的声明。ICANN董事会(NGPC)新的gTLD计划委员会于2013年8月批准了一项关于无点域名[NGPC-dotless]的决议。(本文件的作者指出,他们不在SSAC、IAB或ICANN董事会中。)

All of these documents consider the effects of dotless domains without describing the extent of their current deployment. In order to help researchers determine the extent of the problems with dotless domains, this document lists the known dotless domains at the time of publication and shows how researchers can find them in the future. In this document, we consider any TLD with an A, AAAA, and/or MX record at the apex to be dotless. This document is meant to provide current data to the Internet community but does not give advice.

所有这些文档都考虑了无需域的影响,而没有描述它们当前部署的程度。为了帮助研究人员确定无点域问题的程度,本文档列出了出版时已知的无点域,并展示了研究人员将来如何找到它们。在这份文件中,我们认为任何TLD与A,AAAA,和/或MX记录在顶点是无稽之谈。本文件旨在向互联网社区提供当前数据,但不提供建议。

Many people have expressed a belief that ICANN prohibits all TLDs from being dotless. That belief is not true; ICANN's policies apply only to their contracted TLDs. This document shows the extent to which dotless domains exist today.

许多人表示相信ICANN禁止所有TLD成为无互联网的。这种信念是不正确的;ICANN的政策仅适用于其合同TLD。本文档显示了当今无点域的存在程度。

2. Current Dotless Domains
2. 当前无点域

This section shows the dotless domains we found on September 3, 2013, using the script in Appendix A. The data was nearly constant for many months, with very few additions or deletions of records.

本节显示了我们在2013年9月3日使用附录A中的脚本发现的无点域。数月来,数据几乎保持不变,几乎没有添加或删除记录。

We checked every TLD in the root zone to see which ones had A, AAAA, or MX records. We found that about 5% of the TLDs did, and all of the TLDs that do are two-letter TLDs or country code TLDs (which are also known as ccTLDs).

我们检查了根区域中的每个TLD,以查看哪些TLD具有A、AAAA或MX记录。我们发现,大约5%的TLD是这样做的,所有这样做的TLD都是两个字母的TLD或国家代码TLD(也称为CCTLD)。

2.1. TLDs with A Records
2.1. 带记录的TLD

At the time this document is published, the following TLDs have A records.

在本文件发布时,以下TLD有一个记录。

AC has address 193.223.78.210 AI has address 209.59.119.34 CM has address 195.24.205.60 DK has address 193.163.102.24 GG has address 87.117.196.80 IO has address 193.223.78.212 je has address 87.117.196.80 KH has address 203.223.32.21 PN has address 80.68.93.100 SH has address 193.223.78.211 TK has address 217.119.57.22 TM has address 193.223.78.213 TO has address 216.74.32.107 UZ has address 91.212.89.8 VI has address 193.0.0.198 WS has address 64.70.19.33

AC地址193.223.78.210 AI地址209.59.119.34 CM地址195.24.205.60 DK地址193.163.102.24 GG地址87.117.196.80 IO地址193.223.78.212 je地址87.117.196.80 KH地址203.223.32.21 PN地址80.68.93.100 SH地址193.223.78.211 TK地址217.119.57.22 TM地址193.223.78.213地址为216.74.32.107 UZ地址为91.212.89.8 VI地址为193.0.0.198 WS地址为64.70.19.33

2.2. TLDs with AAAA Records
2.2. 有AAAA记录的TLD

At the time this document is published, the following TLD has an AAAA record.

本文件发布时,以下TLD有AAAA记录。

   DK has IPv6 address 2a01:630:0:40:b1a:b1a:2011:1
        
   DK has IPv6 address 2a01:630:0:40:b1a:b1a:2011:1
        
2.3. TLDs with MX Records
2.3. 具有MX记录的TLD

At the time this document is published, the following TLDs have MX records. The SSAC report implies, but does not explicitly say, that MX records would cause a TLD to be considered dotless; the IAB report does not mention MX records at all.

本文件发布时,以下TLD具有MX记录。SSAC报告暗示,但没有明确指出,MX记录将导致TLD被视为无点;IAB报告根本没有提到MX记录。

AI mail is handled by 10 mail.offshore.AI. AX mail is handled by 5 mail.aland.net. CF mail is handled by 0 mail.intnet.CF. DM mail is handled by 10 mail.nic.DM. GP mail is handled by 10 ns1.worldsatelliteservices.com. GP mail is handled by 5 ns1.nic.GP. GT mail is handled by 10 ASPMX.L.GOOGLE.COM. GT mail is handled by 20 ALT1.ASPMX.L.GOOGLE.COM. GT mail is handled by 20 ALT2.ASPMX.L.GOOGLE.COM. GT mail is handled by 30 ASPMX2.GOOGLEMAIL.COM. GT mail is handled by 30 ASPMX3.GOOGLEMAIL.COM. GT mail is handled by 30 ASPMX4.GOOGLEMAIL.COM. GT mail is handled by 30 ASPMX5.GOOGLEMAIL.COM. HR mail is handled by 5 alpha.carnet.HR. IO mail is handled by 10 mailer2.IO. KH mail is handled by 10 ns1.dns.net.KH. KM mail is handled by 100 mail1.comorestelecom.KM. LK mail is handled by 10 malithi-slt.nic.LK. LK mail is handled by 20 malithi-lc.nic.LK. MQ mail is handled by 10 mx1-mq.mediaserv.net. PA mail is handled by 5 ns.PA. TT mail is handled by 10 ALT1.ASPMX.L.GOOGLE.COM. TT mail is handled by 1 ASPMX.L.GOOGLE.COM. UA mail is handled by 10 mr.kolo.net. VA mail is handled by 100 raphaelmx3.posta.VA. VA mail is handled by 10 raphaelmx1.posta.VA. VA mail is handled by 10 raphaelmx2.posta.VA. WS mail is handled by 10 mail.worldsite.WS. YE mail is handled by 10 mail.yemen.net.YE.

AI邮件由10 mail.offshore.AI处理。AX邮件由5 mail.aland.net处理。CF邮件由0 mail.intnet.CF处理。DM邮件由10 mail.nic.DM处理。GP邮件由10 ns1.worldsatelliteservices.com处理。GP邮件由5 ns1.nic.GP处理。GT邮件由10 ASPMX.L.GOOGLE.COM处理。GT邮件由20 ALT1.ASPMX.L.GOOGLE.COM处理。GT邮件由20 ALT2.ASPMX.L.GOOGLE.COM处理。GT邮件由30 ASPMX2.GOOGLEMAIL.COM处理。GT邮件由30 ASPMX3.GOOGLEMAIL.COM处理。GT邮件由30 ASPMX4.GOOGLEMAIL.COM处理。GT邮件由30 ASPMX5.GOOGLEMAIL.COM处理。HR邮件由5 alpha.carnet.HR处理。IO邮件由10 mailer2.IO处理。KH邮件由10 ns1.dns.net.KH处理。KM邮件由100 mail1.comrestelecom.KM处理。LK邮件由10 malithi-slt.nic.LK处理。LK邮件由20 malithi-lc.nic.LK处理。MQ邮件由10 mx1-MQ.mediaserv.net处理。PA邮件由5 ns.PA处理。TT邮件由10 ALT1.ASPMX.L.GOOGLE.COM处理。TT邮件由1 ASPMX.L.GOOGLE.COM处理。UA邮件由10 mr.kolo.net处理。VA邮件由100 raphaelmx3.posta.VA处理。VA邮件由10 raphaelmx1.posta.VA处理。VA邮件由10 raphaelmx2.posta.VA处理。WS-mail由10 mail.worldsite.WS处理。YE邮件由10 mail.yemen.net.YE处理。

3. IANA Considerations
3. IANA考虑

The script in Appendix A relies on IANA continuing to publish a copy of the TLDs in the root zone at <http://data.iana.org/TLD/tlds-alpha-by-domain.txt>.

附录A中的脚本依赖IANA继续在<http://data.iana.org/TLD/tlds-alpha-by-domain.txt>.

4. Security Considerations
4. 安全考虑

This document lists the known dotless domains; it does not express an opinion whether or not there are security considerations with the existence of dotless domains. The referenced IAB and SSAC reports discuss the opinions of the respective bodies on the security and stability considerations of dotless domains.

本文档列出了已知的无点域;对于无点域的存在是否存在安全考虑,本文未发表意见。参考的IAB和SSAC报告讨论了各自机构对无点域的安全和稳定性考虑的意见。

5. Acknowledgements
5. 致谢

Andrew Sullivan and Marc Blanchet gave helpful comments on this document.

安德鲁·沙利文(Andrew Sullivan)和马克·布兰切特(Marc Blanchet)对此文件给出了有益的评论。

6. Informative References
6. 资料性引用

[IAB-DOTLESS] Internet Architecture Board, "Dotless Domains Considered Harmful", July 2013, <https://www.iab.org/2013/07/10/ iab-statement-dotless-domains-considered-harmful/>.

[IAB-DOTLESS]互联网架构委员会,“被认为有害的无点域名”,2013年7月<https://www.iab.org/2013/07/10/ iab声明认为有害的无点域/>。

[NGPC-DOTLESS] New gTLD Program Committee of the ICANN Board, "Approved Resolution on Dotless Domains", September 2013, <http://www.icann.org/en/groups/board/documents/ resolutions-new-gtld-13aug13-en.htm>.

[NGPC-DOTLESS]ICANN董事会新的gTLD计划委员会,“关于无点域名的批准决议”,2013年9月<http://www.icann.org/en/groups/board/documents/ resolutions-new-gtld-13aug13-en.htm>。

[SAC053] ICANN Security and Stability Advisory Committee, "SSAC Report on Dotless Domains", February 2012, <http://www.icann.org/en/groups/ssac/documents/ sac-053-en.pdf>.

[SAC053]ICANN安全与稳定咨询委员会,“SSAC关于无点域名的报告”,2012年2月<http://www.icann.org/en/groups/ssac/documents/ sac-053-en.pdf>。

Appendix A. Script for Finding Dotless Domains
附录A.查找无点域的脚本

The following Bourne shell script was used for finding the data in this document. The authors believe that this script will work correctly on a wide variety of operating systems and will continue to do so in the foreseeable future. As is customary in the current legal environment, the authors make no assurance that the script is correct or that the script will not cause damage on a system where it is run.

以下Bourne shell脚本用于查找此文档中的数据。作者相信,这个脚本将在各种各样的操作系统上正常工作,并且在可预见的未来将继续这样做。按照当前法律环境的惯例,作者不保证脚本是正确的,也不保证脚本不会对运行它的系统造成损坏。

The script checks each nameserver for each TLD instead of just doing a simple query because the nameservers for some of the TLDs have inconsistent data in them with respect to the records shown here.

脚本检查每个TLD的每个名称服务器,而不是仅仅执行简单的查询,因为某些TLD的名称服务器中包含与此处显示的记录不一致的数据。

   #! /bin/sh
   # Get the current list of TLDs from IANA
   wget -O orig.txt http://data.iana.org/TLD/tlds-alpha-by-domain.txt
   # Remove the comment at the top of the file
   grep -v '^#' orig.txt > TLDs.txt
   # Get all the nameservers
   while read tld; do host -t NS $tld; done < TLDs.txt > TLD-servers.txt
   # Do queries for each record type, and do them on each nameserver
   for rec in A AAAA MX; do
     while read tld ignorea ignoreb ns; do
       host -t $rec $tld. $ns;
     done < TLD-servers.txt;
   done > all-out.txt
   # Print the results
   grep "has address" all-out.txt | sort -uf
   grep "has IPv6" all-out.txt | sort -uf
   grep "mail is handled" all-out.txt | sort -uf
        
   #! /bin/sh
   # Get the current list of TLDs from IANA
   wget -O orig.txt http://data.iana.org/TLD/tlds-alpha-by-domain.txt
   # Remove the comment at the top of the file
   grep -v '^#' orig.txt > TLDs.txt
   # Get all the nameservers
   while read tld; do host -t NS $tld; done < TLDs.txt > TLD-servers.txt
   # Do queries for each record type, and do them on each nameserver
   for rec in A AAAA MX; do
     while read tld ignorea ignoreb ns; do
       host -t $rec $tld. $ns;
     done < TLD-servers.txt;
   done > all-out.txt
   # Print the results
   grep "has address" all-out.txt | sort -uf
   grep "has IPv6" all-out.txt | sort -uf
   grep "mail is handled" all-out.txt | sort -uf
        

Authors' Addresses

作者地址

John Levine Taughannock Networks

约翰·莱文·塔甘诺克网络公司

   EMail: standards@taugh.com
        
   EMail: standards@taugh.com
        

Paul Hoffman Cybersecurity Association

保罗·霍夫曼网络安全协会

   EMail: paul.hoffman@cybersecurity.org
        
   EMail: paul.hoffman@cybersecurity.org