At its meeting on 13 August 2013, the ICANN Board New gTLD Program Committee (NGPC) adopted a resolution affirming that “dotless domain names” are prohibited. Dotless domain names are those that consist of a single label (e.g., http://example, or mail@example). Dotless names would require the inclusion of, for example, an A, AAAA, or MX, record in the apex of a TLD zone in the DNS (i.e., the record relates to the TLD-string itself).
In addition to public comments on dotless domain names, the NGPC considered the security and stability risks associated with dotless domain names highlighted in the following papers:
- On 23 February 2012, the ICANN Security and Stability Advisory Committee (SSAC) published SAC 053: SSAC Report on Dotless Domains [PDF, 183 KB]. In this report, the SSAC stated that dotless domains would not be universally reachable and recommended strongly against their use. As a result, the SSAC recommended that the use of DNS resource records such as A, AAAA, and MX in the apex of a Top-Level Domain (TLD) should be contractually prohibited where appropriate, and strongly discouraged in all cases.
- On 10 July 2013 the Internet Architecture Board (IAB) released a statement on dotless domain names, recommending against the use of dotless domain names for TLDs.
- On 29 July 2013 Carve Systems delivered a report on dotless domain names, which was commissioned by ICANN. Consistent with the SSAC report, Carve’s report on dotless domain names [PDF, 1.02 MB] identifies security and stability issues.
When adopting its resolution, the NGPC considered the security and stability risks identified in these papers, as well as the impracticality of mitigating these risks. Based on the NGPC resolution, ICANN does not plan to pursue any additional studies on the subject. Read more