Subject: Re: List of all TLDs with restricted second level
From: "Joe Baptista"
Date: Fri, 24 Oct 2008 17:50:21 -0400
To: "Florian Weimer"
CC: "Dominik Friedrichs" , [email protected], [email protected]
Received: by 10.180.214.5 with HTTP; Fri, 24 Oct 2008 14:50:21 -0700 (PDT)
Message-ID: <[email protected]>
Sender: [email protected]
In-Reply-To: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_16109_11835855.1224885021424"
References: <[email protected]> <[email protected]>
Delivered-To: [email protected]
X-Google-Sender-Auth: 3b5aaeacdddb64b0



On Fri, Oct 24, 2008 at 4:55 PM, Florian Weimer <[email protected]> wrote:
* Joe Baptista:

> Example - the Chinese second level they list as ��˾.cn
> <http://xn--55qx5d.cn>is actually represented as
> xn--55qx5d.cn in ascii for the purpose of resolution in the DNS.  So keep an
> eye out for IDN TLDs if you need to convert them.

Uhm, are you sure that they exclusively use IDNA?  After all, there is
this:

\229\133\172\229\143\184.cn IN A 159.226.7.162

Yes - I've seen that before.  Looks like something one of my tech experimented with.  Could be the same thing - or an error.  The Chinese do a lot of experimenting with the DNS.  They are ahead of any other nation in securing their National Infrastructure.  I have watched the Chinese develop their DNS and they are way ahead of anyone else.

Point in fact - one thing not shown in the Public Suffix list - which should be are the China National TLDs used by over 200 million people. The Chinese SLDs shown in the list, being ��˾.cn., ����.cn., and �W�j.cn. are actually TLDs.  Just drop the trailing cn. and you'll have the TLD.  Of course to see them you'll have to use China National DNS resolver or run the public root list on your resolver - which see:

http://www.publicroot.org/ins-root-publish-current/root-zone-current.html

or you can add the glue to your resolvers.

XN--55QW42G. NS NS1.CHINAGOV.GOV.CN.
XN--55QW42G. NS NS2.CHINAGOV.GOV.CN.
XN--55QW42G. NS NS3.CHINAGOV.GOV.CN.
XN--55QW42G. NS NS4.CHINAGOV.GOV.CN.

XN--55QX5D. NS CDNS3.CNNIC.NET.CN.
XN--55QX5D. NS CDNS4.CNNIC.NET.CN.
XN--55QX5D. NS CDNS5.CNNIC.NET.CN.
XN--55QX5D. NS HAWK2.CNNIC.NET.CN.

XN--FIQS8S. NS CDNS3.CNNIC.NET.CN.
XN--FIQS8S. NS CDNS4.CNNIC.NET.CN.
XN--FIQS8S. NS CDNS5.CNNIC.NET.CN.
XN--FIQS8S. NS HAWK2.CNNIC.NET.CN.

XN--IO0A7I. NS CDNS3.CNNIC.NET.CN.
XN--IO0A7I. NS CDNS4.CNNIC.NET.CN.
XN--IO0A7I. NS CDNS5.CNNIC.NET.CN.
XN--IO0A7I. NS HAWK2.CNNIC.NET.CN.

XN--ZFR164B. NS NS1.CHINAGOV.GOV.CN.
XN--ZFR164B. NS NS2.CHINAGOV.GOV.CN.
XN--ZFR164B. NS NS3.CHINAGOV.GOV.CN.
XN--ZFR164B. NS NS4.CHINAGOV.GOV.CN.

CDNS3.CNNIC.NET.CN. A 210.52.214.86
CDNS4.CNNIC.NET.CN. A 61.145.114.120
CDNS5.CNNIC.NET.CN. A 61.139.76.55
HAWK2.CNNIC.NET.CN. A 159.226.6.185 
NS1.CHINAGOV.GOV.CN. A 202.108.218.79
NS2.CHINAGOV.GOV.CN. A 202.108.218.80
NS3.CHINAGOV.GOV.CN. A 59.252.170.3
NS4.CHINAGOV.GOV.CN. A 61.135.160.135

You'll notice two additional TLD labels in the glue.  They are ����. or XN--55QW42G. (for organizations) and ����. or XN--ZFR164B. (for government).  They can also be reached as SLDs by adding the cn. label or ����.cn. and ����.cn.  You won't find those second levels in the firefox public suffix list as they were only announced recently,

Firefox should enter these TLDs into the public suffix list too.  I'll send them a copy of this email.  Just because ICANN is blind to them does not mean the chinese themselves should suffer as the public suffix list is used for security in firefox navigation - without the china national TLDs listed they leave out all their customers in china.  Not good.

cheers
joe baptista

--
Joe Baptista
www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive, Representative & Accountable to the Internet community @large.
----------------------------------------------------------------
 Office: +1 (360) 526-6077 (extension 052)
    Fax: +1 (509) 479-0084