Problem with zone delegation with private gTLD
Petr Mensik
pemensik at redhat.com
Mon Apr 8 11:40:52 UTC 2019
On 4/8/19 1:05 PM, Matus UHLAR - fantomas wrote:
>> Karl Lovink via bind-users <bind-users at lists.isc.org> wrote:
>>> I am trying to set up a private gTLD with BIND9 and underneath that gTLD
>>> a subdomain.
>
> On 08.04.19 12:00, Tony Finch wrote:
>> Why a TLD?
>>
>> You will have fewer problems if you get a properly registered domain and
>> set up a subdomain of that for private use.
>
> many users/organizations use private TLDsm, just like they often use
> private
> IP ranges instead of public.
>
> I believe there should be reserved gTLD for such usage.
>
I believe there is test domain reserved for similar usage. Or home.arpa
domain.
Organizations should use their own (sub)domain, especially if they use
DNSSEC. Individuals usually lack domain they can control. Organization
often lack good practices to limit some subdomain for private usage.
Complicated setup of secure delegation on some DNS providers might be
responsible.
I think dns search suffix might help with longer domains usage. But it
is also considered insecure.
--
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com PGP: 65C6C973
More information about the bind-users
mailing list