Most active commenters
  • csdreamer7(3)
  • duskwuff(3)
  • jeroenhd(3)
  • (3)

←back to thread

.INTERNAL is now reserved for private-use applications

(www.icann.org)
563 points joncfoo | 29 comments | 09 Aug 24 16:36 UTC | HN request time: 1.668s | source | bottom
1. csdreamer7 ◴[09 Aug 24 20:13 UTC] No.41205035[source]
Can we get .local or .l added for private-use applications too?
replies(5): >>41205064 #>>41205158 #>>41207055 #>>41208856 #>>41210365 #
2. kxrm ◴[09 Aug 24 20:16 UTC] No.41205064[source]
Is it not already?

https://en.wikipedia.org/wiki/.local

replies(1): >>41205258 #
3. duskwuff ◴[09 Aug 24 20:29 UTC] No.41205158[source]
.local is already reserved for mDNS.
replies(2): >>41205429 #>>41210351 #
4. csdreamer7 ◴[09 Aug 24 20:42 UTC] No.41205258[source]
Not by ICANN? https://www.iana.org/domains/root/db
replies(1): >>41205363 #
5. duskwuff ◴[09 Aug 24 20:59 UTC] No.41205363{3}[source]
The ICANN root zone only contains gTLDs and ccTLDs which are delegated. Other TLDs which are explicitly reserved for non-public use, like .localhost, .test, or .invalid, don't appear on that list either.
replies(2): >>41205570 #>>41205595 #
6. jeroenhd ◴[09 Aug 24 21:10 UTC] No.41205429[source]
.local is in this weird state where it's _technically_ not reserved, but most PCs in the world already resolve it with special non-DNS software because of the Bonjour/mDNS protocol.

So you end up with the IETF standardising .local, because Apple was already using it, but ICANN never did much with that standardisation.

I doubt ICANN will actually touch .local, but they could. One could imagine a scheme where .local is globally registered to prevent Windows clients (who don't always support mDNS) from resolving .local domains wrong.

replies(4): >>41205459 #>>41205538 #>>41205804 #>>41207138 #
7. arjvik ◴[09 Aug 24 21:16 UTC] No.41205459{3}[source]
Modern windows supports mDNS these days!
replies(1): >>41206329 #
8. candiddevmike ◴[09 Aug 24 21:30 UTC] No.41205538{3}[source]
It's reserved per RFC 6762:

> This document specifies that the DNS top-level domain ".local." is a special domain with special semantics, namely that any fully qualified name ending in ".local.

https://datatracker.ietf.org/doc/html/rfc6762

Applications can/will break if you attempt to use .local outside of mDNS (such as systemd-resolved). Don't get upset when this happens.

Interesting fact: RFC 6762 predates Kubernetes (one of the biggest .local violators), they should really change the default domain...

replies(2): >>41205967 #>>41209086 #
9. quectophoton ◴[09 Aug 24 21:36 UTC] No.41205570{4}[source]
I think a more correct place to look at would be the gTLD Applicant Guidebook[1][2], section "2.2.1.2.1 Reserved Names", which I guess should be updated to now include "INTERNAL".

Though that list apparently includes all reserved names, not only those reserved for non-public use.

[1]: https://newgtlds.icann.org/en/applicants/agb

[2]: https://newgtlds.icann.org/sites/default/files/guidebook-ful...

10. csdreamer7 ◴[09 Aug 24 21:41 UTC] No.41205595{4}[source]
Ty for the information.
11. throw0101d ◴[09 Aug 24 22:16 UTC] No.41205804{3}[source]
> .local is in this weird state where it's _technically_ not reserved […] I doubt ICANN will actually touch .local, but they could.

It is. See §2.2.1.2.1, "Reserved Names", of ICANN's gTLD Applicant Guidebook:

* https://newgtlds.icann.org/sites/default/files/guidebook-ful...

replies(1): >>41206346 #
12. wlonkly ◴[09 Aug 24 22:41 UTC] No.41205967{4}[source]
But that's an IETF standard, not an ICANN policy. AFAIK there's nothing in place today that would _prevent_ ICANN from granting .local to a registry other than it just being a bad idea.
replies(1): >>41206537 #
13. jeroenhd ◴[09 Aug 24 23:45 UTC] No.41206329{4}[source]
It does! I generally assume mDNS to just be available on every device these days. But I've also seen managed environments where mDNS has been turned off or blocked at the firewall.
replies(1): >>41206566 #
14. jeroenhd ◴[09 Aug 24 23:49 UTC] No.41206346{4}[source]
This document describes the process for requesting gTLDs. Some internal ICANN project could ignore the contents of the guidebook without breaking "the rules". Or they could invent some kind of new TLD system; branded gTLDs didn't exist twenty years ago and I doubt most people would've assumed them to become real, yet blog.google is a real thing that exists.
15. anderskaseorg ◴[10 Aug 24 00:40 UTC] No.41206537{5}[source]
The jurisdictional status of .local and other standards-reserved special use domains is explained by RFC 6761 section 3:

https://datatracker.ietf.org/doc/html/rfc6761#section-3

And ICANN is bound by the IETF/ICANN Memorandum of Understanding Concerning the Technical Work of the IANA, which prevents it from usurping that jurisdiction:

https://www.icann.org/resources/pages/agreements-en

16. dboreham ◴[10 Aug 24 00:49 UTC] No.41206566{5}[source]
mDNS is a broadcast protocol so always "blocked at the firewall ".
replies(2): >>41206985 #>>41210598 #
17. oasisbob ◴[10 Aug 24 02:57 UTC] No.41206985{6}[source]
Multicast too. If you've never needed to manipulate ACLs for multicast traffic, you're not really living.
18. eddyg ◴[10 Aug 24 03:18 UTC] No.41207055[source]
.home, .corp and .mail are on ICANN’s “high risk” list so won’t ever be gTLDs, so they are also good (short) options.

Ref: https://www.icann.org/en/board-activities-and-meetings/mater...

replies(1): >>41232472 #
19. abtinf ◴[10 Aug 24 03:42 UTC] No.41207138{3}[source]
> but they could.

Presumably, ICANN, like any other committee, is not interested in self-castration. Which is what would happen if they challenged Apple.

ICANN could do anything with enough rule changes. And then everyone will ignore them.

20. LeoPanthera ◴[10 Aug 24 11:57 UTC] No.41208856[source]
Using .local causes big problems with mDNS/Bonjour/Rendezvous, which also uses that TLD.
21. ◴[10 Aug 24 12:48 UTC] No.41209086{4}[source]
22. mjevans ◴[10 Aug 24 15:56 UTC] No.41210351[source]
Give Apple / mDNS .mdns and let it use THAT instead of .local which should NEVER have been taken from local use in the first place.
replies(1): >>41211753 #
23. mjevans ◴[10 Aug 24 15:58 UTC] No.41210365[source]
Please also reserve .lan which is what I now prefer to use since .local got stolen from private networks.
replies(1): >>41211254 #
24. ◴[10 Aug 24 16:34 UTC] No.41210598{6}[source]
25. NewJazz ◴[10 Aug 24 18:18 UTC] No.41211254[source]
You can use .home.arpa.

https://datatracker.ietf.org/doc/html/rfc8375

replies(1): >>41230040 #
26. duskwuff ◴[10 Aug 24 19:45 UTC] No.41211753{3}[source]
mDNS (which isn't just an Apple thing) has been using .local for roughly 20 years now. It's a little late to change that.
27. neop1x ◴[12 Aug 24 22:23 UTC] No.41230040{3}[source]
You can use a public subdomain like box.uuid.california.usa.mydns.org but we need something short like .l or .lan :) .home.arpa is terrible.

I have been using .l personally for a couple of years and it works fine except Chrome won't recognize it as a tld and would start a google search. Once it is visited a couple of times, it autocompletes it as a webpage so it's quite usable afterall.

replies(1): >>41232460 #
28. ◴[13 Aug 24 05:12 UTC] No.41232460{4}[source]
29. NewJazz ◴[13 Aug 24 05:13 UTC] No.41232472[source]
They could be gTLDs in the far future, but ICANN is likely to hold off for a good long while. Better to use something that is actually reserved, though. You never know.