Independent Submission E. Lewis Internet-Draft R. Arends ICANN Expires: May 3, 2020 Date: November 3, 2019 User Assigned ISO 3166-1 Alpha-2 Codes and the DNS Root Zone draft-arends-private-use-tld-00 Abstract The ISO 3166 standard is used for the definition of eligible designations for country code Top Level Domains. This standard is maintained by the ISO 3166 Maintenance Agency. The ISO 3166 standard contains a set of User-Assigned code elements. This document describes that these values can be used as top level domains for private DNS resolution. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on May 3, 2020. Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 1 2. Private-Use Top-Level Domain . . . . . . . . . . . . . . . . 1 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 1 4. Security Considerations . . . . . . . . . . . . . . . . . . . 1 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 1 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 1 7. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 1 1. Introduction The practice governing the delegation of ASCII two-letter domain names in the DNS [STD 13] root zone is to employ the ISO 3166-1 standard [ISO3166-1]. The ISO 3166-1 standard provides for multiple types of codings, with the ASCII two-letter codes (known as "alpha 2" codes) being used in the DNS to potentially represent countries and territories as country-code top-level domains (ccTLDs) [RFC1591]. The interrelationship is documented in "ICANN and the ISO, A Common Interest in ISO Standard 3166" [ICANN ISO]. In addition to these assigned codes, there are values designated as "User Assigned". Quoting ISO 3166-1:2013 clause 8.1.3 "User-assigned code elements" : "If users need code elements to represent country names not included in this part of ISO 3166, the series of letters AA, QM to QZ, XA to XZ, and ZZ, and the series AAA to AAZ, QMA to QZZ, XAA to XZZ, and ZZA to ZZZ respectively and the series of numbers 900 to 999 are available. NOTE Users are advised that the above series of codes are not universals, those code elements are not compatible between different entities." For the purposes of this document, ISO 3166-1 "alpha-2 user-assigned codes" are defined to be AA, QM to QZ, XA to XZ, and ZZ. The ranges ("to") are alphabetic and contain only characters in the US-ASCII definition [RFC20]. The codes are case insensitive. The quoted text explicitly states "code elements to represent country names" with the emphasis on the term "country names". Using code elements to represent something different than "country names" might at first appear to go against the intended use of the standard. However, many organisations, including the ISO, have used the user-assigned range to represent entities other than country names. The following list is not meant to be exhaustive, but to illustrate the different uses of the user-assigned range: ISO 3901 uses “ZZ” for direct registrants independent of any country. ISO 4217 uses the “XA..XZ” range for transactions and precious metals. ISO 6166 uses "XS" for securities cleared through Euroclear/Clearstream. ICAO uses “ZZ” for UN travel documents. RFC5646 contains a section and examples dedicated to Private Use Sub-tags WIPO has 5 User Assigned code elements allocated to identify regional agencies and patent offices, and allocated "XX" for "Unknown states, other entities or organizations”. CABForum uses "XX" to signify a location not covered by ISO3166-1. [references to be added in -01] 2. Private-Use Top-Level Domain Two areas of identifier use have been identified that can benefit from the use of private-use namespace: 1. Local-only usage. In locally configured environments where Internet traffic will not traverse the global Internet. While it is preferred that such usages use sub-domains within another domain registered for the specific hosting entity, not all such configurations have such a domain available. This is analogous to the use of private addressing described in [RFC 1918]. 2. Use by DNS-like applications. Some applications use network identifiers that are similar in appearance to domain names, and may be interpreted by software as domain names, but are not intended to use the global DNS resolution service (such as connecting to the DNS root servers via port 53 and performing recursive lookups). Using namespace allocated for private-use will guard against conflicts with the global DNS resolution system. This document recommends ZZ as a private-use TLD that can be used to support these two functions. The User Assigned classification of the ZZ code element in the ISO 3166-1 alpha 2 standard allows for the assumption that these codes will never risk requiring delegation through future assignment to represent a country or territory. 3. IANA Considerations To Be Added. 4. Security Considerations Names appearing to be domain names ending in alpha-2 user-assigned codes will be independent of the root zone, hence nothing can be said about their security implications from the root zone perspective. 5. Acknowledgements This document is based on a earlier draft by Ed Lewis. David Conrad, Jaap Akkerhuis, Kal Feher, Andrew Sullivan, Kim Davies so far have played a role. 6. References 6.1. Normative References [STD 13] Mockapetris, P., "Domain names - concepts and facilities", STD 13, RFC 1034, November 1987 and Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, November 1987. [RFC 20] Cerf, V., "ASCII format for network interchange", STD 80, RFC 20, October 1969. [RFC 1591] Postel, J., "Domain Name System Structure and Delegation", RFC 1591, March 1994. [RFC 1918] Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G., and E. Lear, "Address Allocation for Private Internets", BCP 5, RFC 1918, February 1996. [ISO 3166-1] ISO 3166-1:2013 "Codes for the representation of names of countries and their subdivisions -- Part 1: Country codes" 6.2. URIs [ICANN ISO] https://www.icann.org/resources/pages/ icann-iso-3166-2012-05-09-en 7. Author's Address Edward Lewis ICANN Email: edward.lewis@icann.org Roy Arends ICANN Email: roy.arends@icann.org Arends Expires May 3, 2020 [Page 1]