
SoylentNews is people

posted by hubie on Thursday February 01 2024, @12:23PM
from the Here-Here dept.

https://www.theregister.com/2024/01/29/icann_internal_tld/

The Internet Corporation for Assigned Names and Numbers (ICANN) has proposed creating a new top-level domain (TLD) and never allowing it to be delegated in the global domain name system (DNS) root.

The proposed TLD is .INTERNAL and, as the name implies, it's intended for internal use only. The idea is that .INTERNAL could take on the same role as the 192.168.x.x IPv4 bloc – available for internal use but never plumbed into DNS or other infrastructure that would enable it to be accessed from the open internet.

ICANN's Security and Stability Advisory Committee (SSAC) advised the development of such a TLD in 2020. It noted at the time that "many enterprises and device vendors make ad hoc use of TLDs that are not present in the root zone when they intend the name for private use only. This usage is uncoordinated and can cause harm to Internet users" – in part by forcing DNS servers to handle, and reject, queries for domains only used internally.

[...] ICANN's board still has to sign off the creation of .INTERNAL. But if you want to get ahead of the pack, there's nothing stopping you. Indeed, some outfits already use ad hoc TLDs. Open source Wi-Fi firmware project WRT has used .LAN, and networking vendor D-Link has employed .dlink.

There's nothing stopping you doing likewise.

But as ICANN's proposal for the idea noted: "Operators who choose to use private namespaces of the kind proposed in this document should understand the potential for that decision to have corresponding costs, and that those costs might well be avoided by choosing instead to use a sub-domain of their own publicly registered domain name."


  • (Score: 5, Insightful) by Revek on Thursday February 01 2024, @12:52PM (8 children)

    by Revek (5022) on Thursday February 01 2024, @12:52PM (#1342627)

    Who cares what ICANN says about this. I use .local and wouldn't just change without some beneficial reason.

    --
    This page was generated by a Swarm of Roaming Elephants
  • (Score: 3, Funny) by Anonymous Coward on Thursday February 01 2024, @01:02PM (1 child)

    by Anonymous Coward on Thursday February 01 2024, @01:02PM (#1342628)

    Yeah, but this is internal, vs topical. You know you want a suppository from ICANN!

    • (Score: 2) by BsAtHome on Thursday February 01 2024, @03:52PM

      by BsAtHome (889) on Thursday February 01 2024, @03:52PM (#1342653)

      Only if you first liquefy the bits and then coagulate the bytes.

  • (Score: 0) by Anonymous Coward on Thursday February 01 2024, @02:23PM

    by Anonymous Coward on Thursday February 01 2024, @02:23PM (#1342630)

    I don't care either, but then I've been using .internal for a hellish long time now...longer than I care to think about.

  • (Score: 1) by Runaway1956 on Thursday February 01 2024, @02:45PM (1 child)

    by Runaway1956 (2926) on Thursday February 01 2024, @02:45PM (#1342637)

    Reason: the default is almost always a poor choice from a security perspective. I won't recommend that you change to the new default, for the same reason. But, there have been articles in the past, where an attacker compromised the router, then used the few defaults in common use to get into the local network. Better to not use any default, old or new, instead, creating your own domain name. .smurf or .fbi or .button or .anydamnthingatall. There have been recent articles about well known routers having bugs in them, and we can be pretty sure that bad guys are poking around, trying to get inside the network with those bugs. When all else fails, security through obscurity can be quite useful.

    --
    “I have become friends with many school shooters” - Tampon Tim Walz
    • (Score: 3, Interesting) by Opportunist on Thursday February 01 2024, @02:52PM

      by Opportunist (5545) on Thursday February 01 2024, @02:52PM (#1342642)

      I could see the benefit of using an "official" internal DNS name that gets hardcoded into DNS servers as MUST NOT BE ROUTED, akin to what RFC 1918 did for some IPv4 networks.

      It will still be quite interesting when you link two such networks together via VPN, but then, that has always been the staple of headaches for 1918 networks as well, so... Maybe solve that on the second level of "internal" DNS names? (like XXXX.office1.internal for the first, XXXX.office2.internal for the next one...).

  • (Score: 3, Touché) by Opportunist on Thursday February 01 2024, @02:49PM

    by Opportunist (5545) on Thursday February 01 2024, @02:49PM (#1342639)

    mDNS [wikipedia.org] (and the implications for various services that treat .local as something special) would maybe be one...

  • (Score: 3, Informative) by takyon on Thursday February 01 2024, @10:07PM (1 child)

    by takyon (881) <{takyon} {at} {soylentnews.org}> on Thursday February 01 2024, @10:07PM (#1342708)

    This takes .internal off the table forever, making it safer to use, and it could end up more widely used on home networks. Maybe not such a big deal but probably a better use of ICANN's time than whatever bad ideas are waiting in line behind this change.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
    • (Score: 1, Insightful) by Anonymous Coward on Friday February 02 2024, @07:07AM

      by Anonymous Coward on Friday February 02 2024, @07:07AM (#1342758)

      Took them a long while though. I proposed something like this to the IETF and the ICANN more than a decade ago.

      https://datatracker.ietf.org/doc/html/draft-yeoh-tldhere-01 [ietf.org]

      As wireless networking and devices become more common there may be a need
      for a convenient way to address hosts by physical location or context,
      especially when the users themselves are using mobile or wearable devices.

      A step towards this could be by reserving a special public use TLD (.here in
      the examples). Then this TLD can be independently hosted at various
      locations, so that each resulting .here domain falls under the context of
      that particular location. For a similar concept see RFC1918 [RFC1918].