Internet-Draft Reserve ALT TLD December 2022
Kumari & Hoffman Expires 16 June 2023 [Page]
Intended Status:
Standards Track
W. Kumari
P. Hoffman

The ALT Special Use Top Level Domain


This document reserves a TLD label, "alt" to be used in non-DNS contexts. It also provides advice and guidance to developers developing alternative namespaces.

[ This document is being collaborated on in Github at <>. The most recent version of the document, open issues, etc should all be available here. The authors (gratefully) accept pull requests. ]

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 16 June 2023.

Table of Contents

1. Introduction

Many Internet protocols need to name entities. Names that look like DNS names (a series of labels separated with dots) have become common, even in systems that are not part of the global DNS administered by IANA. This document reserves the top-level label "alt" (short for "alternative") as a special-use domain name ([RFC6761]). This top-level label can be used as the final (rightmost) label to signify that the name is not rooted in the global DNS, and that it should not be resolved using the DNS protocol.

In Section 3.1, the IANA is requested to add the .alt name to the "Special-Use Domain Name" registry. IANA sets aside names in that registry, as described in <>.

Throughout the rest of this document, the top-level "alt" label is shown as ".alt" to match the common presentation form of DNS names.

The techniques in this document are primarily intended to address some of the issues discussed in [RFC8244], which contains additional background on the issues with special use domain names.

1.1. Requirements Notation

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

1.2. Terminology

This document assumes familiarity with DNS terms; please see [RFC8499]. Terminology that is specific to this document is:

2. The alt Namespace

This document reserves the .alt label for use as an unmanaged pseudo-TLD namespace. The .alt label can be used in any domain name as a pseudo-TLD to signify that this is an alternative (non-DNS) namespace, and should not be looked up in a DNS context.

This document uses ".alt" for the pseudo-TLD in the presentation format for the DNS, corresponding to a 0x03616c7400 suffix in DNS wire format. The presentation and on-the-wire formats for non-DNS protocols might be different.

Because names beneath .alt are in an alternative namespace, they have no significance in the regular DNS context. DNS stub and recursive resolvers do not need to look them up in the DNS context.

DNS resolvers that serve the DNS protocol and non-DNS protocols at the same time might consider .alt like an entry in the "Transport-Independent Locally-Served DNS Zone Registry" that is part of IANA's "Locally-Served DNS Zones" registry, except that .alt is always used to denote names that are to be resolved by non-DNS protocols.

Note that using .alt as a pseudo-TLD does not mandate how the non-DNS protocol will handle the name. To maximize compatibility with existing applications, it is suggested, but not required, that non-DNS protocols using names that end in .alt follow DNS name syntax. If the non-DNS protocol has a wire format like the DNS wire format, it might append the null label at the end of the name, but it also might not. This document does not make any suggestion for how non-DNS protocols deal with the wire format of their names.

Groups wishing to create new alternative namespaces may create their alternative namespace under a label that names their namespace under the .alt pseudo-TLD. Developers are wholly responsible for dealing with any collisions that may occur under .alt.

Regardless of the expectations above, names in the .alt pseudo-TLD will leak outside the context in which they are valid. Decades of experience show that such names will appear at recursive resolvers, and will thus also appear at the root servers for the global DNS.

Sending traffic to the root servers that is known to always elicit an NXDOMAIN response, such as queries for names ending in .alt, wastes resources. Caching resolvers performing aggressive use of DNSSEC-validated caches (described in [RFC8198]) will not send any queries for names under .alt to the root zone. Similarly, caching resolvers using QNAME minimization (described in [RFC9156]) will cause less of this traffic to the root servers because the negative responses will cover all names under .alt.

Currently deployed projects and protocols that are using pseudo-TLDs may choose to move under the .alt pseudo-TLD, but this is not a requirement. Rather, the .alt pseudo-TLD is being reserved so that current and future projects of a similar nature have a designated place to create alternative resolution namespaces that will not conflict with the regular DNS context.

3. IANA Considerations

3.1. Special-Use Domain Name Registry

The IANA is requested to add the .alt name to the "Special-Use Domain Name" registry ([RFC6761]), and reference this document.

3.2. Domain Name Reservation Considerations

(This paragraph exists to meet the requirements of [RFC6761].) Application software that uses alternative namespaces in .alt are expected to have their own processing rules for their own names, probably in specialized resolver APIs, libraries, and/or application software. Users might or might not recognize that names in the .alt pseudo-TLD are special. Caching DNS servers and authoritative DNS servers will treat all names in the .alt pseudo-TLD just as they would any other name whose TLD does not appear in the global DNS root. DNS server operators will treat names in the .alt pseudo-TLD as they would names in any other TLD not in the global DNS. DNS registries/registrars for the global DNS will never register names in the .alt pseudo-TLD because .alt will not exist in the global DNS root.

4. Privacy Considerations

This document reserves .alt to be used to indicate that a name is not a DNS name, and so should not attempt to be resolved using the global DNS. Unfortunately, these queries will undoubtedly leak into the global DNS. This is a general problem with alternative name spaces and not confined to names ending in .alt.

5. Security Considerations

Because names in the .alt pseudo-TLD are explicitly outside of the DNS context, it is impossible to rely on any DNS-related security considerations. Care must be taken to ensure that the mapping of the pseudo-TLD into its corresponding non-DNS name resolution system in order to get whatever security is offered by that system.

6. Acknowledgements

We would like to thank Joe Abley, Mark Andrews, Erik Auerswald, Marc Blanchet, John Bond, Stephane Bortzmeyer, David Cake, David Conrad, Steve Crocker, Brian Dickson, Ralph Droms, Robert Edmonds, Patrik Faltstrom, Olafur Gudmundsson, Bob Harold, Joel Jaeggli, Ted Lemon, Edward Lewis, John Levine, George Michaelson, Ed Pascoe, Jim Reid, Arturo Servin, Paul Vixie and Suzanne Woolf for feedback.

Christian Grothoff was also very helpful and deserves special recognition.

In addition, Andrew Sullivan was an author from adoption (2015) through version 14 (2021).

7. References

7.1. Normative References

Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <>.
Cheshire, S. and M. Krochmal, "Special-Use Domain Names", RFC 6761, DOI 10.17487/RFC6761, , <>.

7.2. Informative References

Fujiwara, K., Kato, A., and W. Kumari, "Aggressive Use of DNSSEC-Validated Cache", RFC 8198, DOI 10.17487/RFC8198, , <>.
Lemon, T., Droms, R., and W. Kumari, "Special-Use Domain Names Problem Statement", RFC 8244, DOI 10.17487/RFC8244, , <>.
Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS Terminology", BCP 219, RFC 8499, DOI 10.17487/RFC8499, , <>.
Bortzmeyer, S., Dolmans, R., and P. Hoffman, "DNS Query Name Minimisation to Improve Privacy", RFC 9156, DOI 10.17487/RFC9156, , <>.

Appendix A. Changes / Author Notes.

[RFC Editor: Please remove this section before publication ]

From -18 to -19:

From -16 to -18:

From -15 to -16:

From -14 to -15:

From -13 to -14:

From -12 to -13:

From -08 to -12:

From -07 to -08:

From -06 to -07:

From -07.2 to -07.3 (GitHub point release):

From -07.1 to -07.2 (Github point release):

From -06 to -07.1 (

From -05 to -06:

From -04 to -05:

From -03 to -04:

From -02 to -03:

From -01 to -02:

From -00 to 01:

From Individual-06 to DNSOP-00

From -05 to -06

From -04 to -05

From -03 to -04

From -02 to -03

From -01 to -02

From -00 to -01.

Authors' Addresses

Warren Kumari
1600 Amphitheatre Parkway
Mountain View, CA, 94043
United States of America
Paul Hoffman