ICANN kills Google dotless domain hopes

Google's hopes for domain names without the customary 'dot' are now dead in the water.
Written by Charlie Osborne, Contributing Writer

Google's request for dotless top-level Internet domains have received a resounding 'no' from the Internet Architecture Board (IAB), and now ICANN has also rejected the tech giant's desires.

The Internet Corporation for Assigned Names and Numbers (ICANN) has rejected Google's wish to introduce a new dotless domain system, designed to save users even more time when typing in a web address. The proposed generic top-level domain (gTLD) would let users simply type in a word -- for example, "http://search/" -- in order to be routed to the correct service.

In a letter to ICANN from Google (.pdf), Google intentions were written:

"Google intends to operate a redirect service on the "dotless" .search domain (http://search/) that, combined with a simple technical standard will allow a consistent query interface across firms that provide search functionality, and will enable users to easily conduct searches with firms that provide the search functionality that they designate as their preference."

While using common Internet words in this way would be useful, ICANN believes that the system would raise a number of "security and stability concerns."

As described in a recent report (.pdf) conducted by ICANN's Security and Stability Advisory Committee (SSAC), dotless domain names would be tricky to implement. According to the regulator, they may produce "unpredictable results" and confusion within applications that usually point to conventional domain name addresses. The SSAC stated that dotless domains would not be universally reachable and recommended strongly against their use.

On 10 July, the IAB released a statement on dotless domain names, recommending against their use, saying:

"Since dotless domains will not behave consistently across various locations (and applications and platforms that may have different search list configuration mechanisms), they have the potential to confuse users and erode the stability of the global DNS. By attempting to change expected behavior, dotless domains introduce potential security vulnerabilities.

These include causing traffic intended for local services to be directed onto the global Internet (and vice-versa), which can enable a number of attacks, including theft of credentials and cookies, cross-site scripting attacks, etc. As a result, the deployment of dotless domains has the potential to cause significant harm to the security of the Internet."

In addition, Carve Systems delivered a report (.pdf) on dotless domain names for ICANN, which came to the same conclusions as the SSAC report.

The result is ICANN's New gTLD Program Committee (NGPC) board rejecting the idea of dotless domain names, and stating the agency has no intention to pursue the matter further. ICANN said:

"When adopting its resolution, the NGPC considered the security and stability risks identified in these papers, as well as the impracticality of mitigating these risks. Based on the NGPC resolution, ICANN does not plan to pursue any additional studies on the subject."

Although Google's plans for a new domain system have fallen short, ICANN has completed its first round of consideration for new global top level domains (GTLDs), none of which filed by the tech giant have been rejected in this stage of the process.

Editorial standards