Re: [DNSOP] Public Suffix List

Gervase Markham <> Wed, 11 June 2008 09:10 UTC

Doug Barton wrote:
> Gervase Markham wrote:
>> The fact that I am working on this question now is not to present a
>> /fait accompli/; I've just been too busy to get to it.
> Is it just me, or do those two statements seem to contradict one another?

I don't think so. Both are statements of truth.

If I had had time, I would have got this update mechanism sorted out
months ago. The fact that I didn't have time is not me saying that "I
don't want other people to have input into this process".

It's true that people saying "Please don't do anything like that" are
unlikely to be heeded. But that was just as true months ago as it is now.

> "We have already done 
> this, so if your data is accurate, fine. If not, you'll want to get 
> our list updated so that we may get it into the next version, whenever 
> that ships." 

Yep. In six to eight weeks, usually.

> The fact that your list seems to be missing some of the recent updates 
> to the IANA list does not fill me with hope.

I've added to my ToDo list an item to check that list against ours.
Although again I stress that just adding ".zz" to the list is the same
as having no entries, because it's just an explicit encoding of the
default behaviour.

> There's two problems with that statement. First, if I ran the JE 
> registry there's a pretty good chance that I'd be offended (not 
> speaking for them, just following your example). I don't know any TLD 
> operators who don't think that their domain has substantial 
> significance, even if it is "only" to their user community.

I didn't say anything about significance. It was merely a factual
statement about the number of websites. I don't have the ability to
determine how many sites there are in .je (I'm sure many people reading
this list do) but I'd wager it's four orders of magnitude less than the
number in .com, and at least two less than in And so ad-serving
companies are unlikely to be optimising their tracking systems to track
visitors across different sites in (even if that exists; I don't
know that it does). Perhaps I should continue to use ".xx" or ".zz" as
an example?

> The other, more important problem is that you're totally discounting 
> the possibility that the bad guys will simply move their websites to 
> TLDs that you don't have a policy for (or for whom your policy is too 
> permissive). 

I very much doubt that established businesses will change their domain
name just so they can track users more accurately. ("Welcome to
cnn.xx!") I think you overestimate the impact of this change.

>> I've filed .
> The audit trail for that is pretty interesting. First, I think it 
> would be useful for you to include a link to this discussion so that 
> your colleagues could read it for themselves. 

Done; thank you.

> Second, the followup from Dave Townsend seems to indicate that at one 
> point in the past this data was being read from a file. Perhaps that 
> code could be resurrected?

To be entirely honest, I was under the impression that this was still
the case. I am looking into the question.

> Heh, if that's your criteria, then the options you have already would 
> be significantly reduced. :) 

There's always more work to do :-)
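
The point made in the message above, that a bare ".zz" entry only encodes the default behaviour, can be checked with a small matcher. This is an added example, not part of the original message or of the list's own implementation; it assumes the Public Suffix List rule syntax (plain rules, `*.` wildcards, `!` exceptions), and the `.zz` rule sets and host names are constructed.

```python
# Added illustration. All rules and host names below are constructed samples.

def registrable_domain(host, rules):
    """Return the public suffix plus one label for host, or None.

    rules: Public Suffix List style rules such as 'zz', '*.zz', '!city.zz'.
    When no rule matches, the implicit default rule '*' applies, so the
    top-level label alone is treated as the public suffix.
    """
    labels = host.lower().rstrip(".").split(".")
    if any(not label for label in labels):
        return None  # empty label, e.g. "" or "a..zz"

    suffix_len = 1  # default rule "*": the suffix is one label long
    for rule in rules:
        is_exception = rule.startswith("!")
        rule_labels = rule.lstrip("!").lower().split(".")
        if len(rule_labels) > len(labels):
            continue
        tail = labels[-len(rule_labels):]
        if not all(r == "*" or r == t for r, t in zip(rule_labels, tail)):
            continue
        if is_exception:
            # An exception rule beats every other match; the suffix is
            # the rule with its leftmost label removed.
            suffix_len = len(rule_labels) - 1
            break
        suffix_len = max(suffix_len, len(rule_labels))  # longest match wins

    if len(labels) <= suffix_len:
        return None  # the host is itself a public suffix
    return ".".join(labels[-(suffix_len + 1):])


EMPTY = []                        # TLD absent from the list
BARE_TLD = ["zz"]                 # only the TLD itself is listed
WITH_SLD = ["zz", "co.zz"]        # registry also registers under co.zz
WILDCARD = ["*.zz", "!city.zz"]   # every second level is a suffix, bar one

if __name__ == "__main__":
    for rules in (EMPTY, BARE_TLD, WITH_SLD, WILDCARD):
        for host in ("www.example.zz", "www.shop.co.zz", "www.city.zz"):
            print(rules, host, "->", registrable_domain(host, rules))
```

With `EMPTY` and `BARE_TLD` every host yields the same answer; only a more specific entry such as `co.zz` changes where the site boundary falls.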
