SoylentNews is people
SoylentNews
Anyone still reeling after Google snagged .dev for their own nefarious purposes will be relieved to learn that Internet Corporation for Assigned Names and Numbers (ICANN) has decided (after 6 years) to reject the applications for .home, .corp, and .mail.
Twenty companies paid the $185,000 application fee to ICANN back in 2012 to oversee the top level domains.
Seventeen months later an ICANN commissioned report noted that .home, and .corp were by far the most frequently queried top level domains and argued that they should not be added to the public internet. Eleven months later they were formally designated as "high risk" extensions.
Further study, as well as a failed attempt by the Internet Engineering Task Force (IETF) to add the 3 to the official list banned from the internet took another 15 months.
Finally in late 2017, 15 months after prompting from the original applicants, they revisited the issue again and decided to reject the applications - and in the interest of fairness, fully refund the application fees.
So there you have it, you can now use .home, .corp, and .mail on your internal networks.
More info at The Register:
https://www.theregister.co.uk/2018/02/12/icann_corp_home_mail_gtlds/
ICANN meeting minutes:
https://www.icann.org/resources/board-material/resolutions-2018-02-04-en#2.c
(Score: 0) by Anonymous Coward on Sunday February 18 2018, @03:21AM (5 children)
Sites using .local had lots of fun when Apple chose to appropriate it for their LAN discovery service.
(Score: 2) by fyngyrz on Sunday February 18 2018, @03:26AM (4 children)
Seriously though, just change what you're using from .local to .ourlocal or whatever - what's the big deal?
(Score: 0) by Anonymous Coward on Sunday February 18 2018, @04:10AM (1 child)
If I say one site had thousands of internal nodes, do I have to draw you a picture of how it is a big deal?
(Score: 2) by fyngyrz on Sunday February 18 2018, @07:00AM
Well, perhaps. Although... seems to me that an enterprise with thousands of LAN nodes would have an IT department / wizard that could take care of it via some (very) basic automation.
It certainly wouldn't be a problem here. But then again, I know how to maintain my systems. Not everyone does.
(Score: 2) by maxwell demon on Sunday February 18 2018, @07:32PM (1 child)
You have to rewrite everything referring to those local addresses. Documentation. Links in internal documents. Addresses in configuration files. Addresses hard-coded into applications (are you absolutely sure that nobody did this for any internal application?). Are you sure that list is exhaustive?
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by fyngyrz on Sunday February 18 2018, @11:09PM
So, what you're really saying is your IT is chaotic, out of your control, and that is why you can't move the network around.
Fair enough. So the thing is, my LAN and the applications that work with it are not out of my control, so I don't have to deal with such things. All network references are via common configuration files, including my documentation, just as they should be, so it's zero problem to change this sort of thing. It was designed that way. By me. And I'm not running network-aware OPC* that can screw me (really that's a matter of security, but not having to worry about embedded rogue network configurations is a definite side benefit.)
If you're running apps you don't have control of on your network I can certainly see how that would cause you serious problems. Of many kinds. I tend to forget that the general run of IT out there is best described as "a chaotic mess." I'm definitely spoiled by having encountered, and solved, these problems years ago, and by forbidding network-aware OPC to run there.
So I'll put it this way, then: I can make such changes within the LAN with very minor effort when that needs to happen, or I simply want it to. So this kind of decision by WAN TLD decision-makers is of no significant consequence at all to me.
YMMV. But... you'd be considerably better off if it didn't. :)
--------------------------------------------------------------
*OPC - Other People's Code
(Score: 2) by fyngyrz on Sunday February 18 2018, @03:23AM (1 child)
You could always use .home, .corp and .mail on your LAN; as well as anything else you chose. At least for *nix and the mac, you can, I presume Windows offers something similar (if not, then it's broken):
Just edit your /etc/hosts file (or similar on your router if you want this LAN-wide), enter the domain name(s) and the IP(s) and your machine will go there for that domain.
What are they talking about, "now" you can use these?
Is the hidden subtext "without fear of missing something likewise named on teh Intertubez"? Because if it is... well, good grief, I never had that fear. More the other way around: the more places you go, the more malfuckery you're exposed to. Besides, should it come to pass that you did want to get to an identically named site via DNS, just... change yours to something else.
I know I must be missing something here. Is it some kind of lockdown on TLDs by rogue web browser developers, like the way some of them are beginning to arbitrarily break/scare-tactic HTTP vs. HTTPS?
(Score: 2, Disagree) by requerdanos on Sunday February 18 2018, @04:48AM
So, the more valid or even potentially valid Internet destinations you cause to become unreachable through not just misconfiguration but misconfiguration-as-security, the better?
How about no.
(Score: 5, Insightful) by ElizabethGreene on Sunday February 18 2018, @03:32AM (3 children)
> You can now use .home, .corp, and .mail on your internal networks.
As the person you call to fix this type of technical tomfoolery, please for the love of $DEITY do NOT do this. Internal networks don't always stay internal. It's fine and good when you start out with foo.corp and then you need to link to another business and things go all pear shaped. You can't get a public SSL certificate for a domain name you don't own, and you don't own foo.corp. Now you have to do a bunch of extra unnecessary work. Why pay the technical debt? Get a cheap domain _you own_ and use that.
Please.
---
This, this right here, is why we can't have nice things.
(Score: 2) by requerdanos on Sunday February 18 2018, @04:52AM
Well, no, I don't own foo.local despite using it as the usual name on my local network for host foo; I grant that, but I do own foo.myorganization.info -- and that's just as good. apache2 knows to answer to either name with that particular site.
(Score: 1, Informative) by Anonymous Coward on Sunday February 18 2018, @05:28AM
I just use a domain name 3 deep with .test as my TLD. That one is guaranteed not to be used on the public internet. To help prevent shenanigans when off network, I make sure that .invalid and a different domain on .test don't work before allowing connections to my domain.
(Score: 2) by fyngyrz on Sunday February 18 2018, @11:21PM
I'm not going to be calling you to fix anything. Consequently, your misperception of what is broken as opposed to what is not is completely irrelevant to me.
(Score: 3, Insightful) by takyon on Sunday February 18 2018, @03:53AM (2 children)
ICANN doing the reasonable thing instead of the cash grab.
And they even refunded the $185k fees even though they could have pocketed it.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 1, Insightful) by Anonymous Coward on Sunday February 18 2018, @05:25PM (1 child)
On the other hand, they *did* keep the money for 6 years, so when you account for inflation, interest, etc...
(Score: 3, Informative) by HiThere on Sunday February 18 2018, @06:01PM
I take it you haven't looked at interest rates lately. They aren't quite negative, but they're so low that they barely register.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.