SAC070 - ICANN SSAC Advisory on the Use of Static TLD / Suffix Lists
Venue
ICANN Security and Stability Advisory Committee (SSAC) Reports and Advisories, ICANN (2015), pp. 32
Publication Year
2015
Authors
Warren Kumari, Jaap Akkerhuis, Patrik Fältström
BibTeX
Abstract
This advisory investigates the security and stability needs surrounding the growing
use of public suffix lists on the Internet. For the purposes of this Advisory, a
public suffix is defined as “a domain under which multiple parties that are
unaffiliated with the owner of the Public Suffix domain may register subdomains.”
Examples of Public Suffix domains include "org", "co.uk", "k12.wa.us" and "uk.com".
There is no programmatic way to determine the boundary where a Domain Name System
(DNS) label changes stewardship from a public suffix, yet tracking the boundary
accurately is critically important for security, privacy, and usability issues in
many modern systems and applications, such as web browsers. One method of
determining this boundary is by use of public suffix lists (PSLs), which are static
files listing the known public suffixes.
