Net's New Master Domains May Cause Corporate Migraine

The dot com era may soon draw to an end, and that could lead to some unexpected headaches on corporate networks around the world.

The Internet Corporation for Assigned Names and Numbers has been slowly working toward the day when it radically expands the number of top-level domains used on the Internet. There are a few hundred top-level domains today -- .com, .net, and .uk to name a few -- but ICANN wants to expand this to essentially whatever the market will bear.

On Wednesday, it said that it has received nearly 2,000 applications from companies that want to manage these new top-level domains. The problem is that some of these proposed new top-level domains could be at odds with the names used by networking geeks running corporate networks.

Here's the problem in a nutshell: If a company has a computer on its local network named computer.home and .home suddenly becomes a top-level domain, then there's a chance that any software looking for computer.home could be redirected out to the internet.

Whether or not a program ends up going to the right place will vary, depending on the configuration of the Domain Name System (DNS) resolver software it uses to figure out where .home is, says David Ulevitch, CEO of DNS service provider OpenDNS.

But there's a pretty good chance that the changes will cause some headaches for system administrators and maybe even a pathway for data to get leaked out to the Internet. At worst, it could give hackers a back door into corporate networks.

This may sound a little far-fetched, but consider this: Companies are already lining up to take control of the .home and .corp top-level domains, and there is already a lot of Internet traffic looking for computers at those domains.

Things could get worse if someone wanted to register really widely used top-level domains such as .localhost or .lan, but many of these domains will simply never be authorized by ICANN for this very reason, says Cricket Liu, vice president of architecture at DNS company Infoblox.

ICANN didn't respond to requests for comment, but the group is clearly aware of the potential problem.

"Studies illustrate that the amount of inherited query traffic could be considerable, i.e., on the order of millions of queries per day, should the applicant’s chosen string be one that appears frequently at the root," ICANN's Security and Stability Advisory Committee wrote in a November 2010 report on the issue.

Sebastian Castro, a DNS specialist with New Zealand Domain Name Registry who conducted some of that research, found that the .home domain got about 55 million queries on the day he checked it out. That's a lot, but to put it in perspective, .nz gets 150 million queries per day; .com gets billions.

Other top-level domains that could cause problems include .global, .inc, .prod, .ads, .mail, .site, .host, and .home, he says.

In fact, this is already a problem with some existing top-level domains, Liu says.

And a (http://www.pcworld.com/article/140268/windows_dns_flaw_is_back.html), having to do with the way that some Microsoft software works with the Domain Name System, dates back to 1999.

"If you use db.office as a shorthand for db.office.infoblox.com and get a name in the new .office top-level domain instead, it either won't work or you'll connect to a different server than you thought--maybe a malicious one," says Liu.
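The shorthand lookup Liu describes can be modeled in a few lines. This is an added example, not part of the original article: it assumes a stub resolver that follows the common `ndots` rule (a name with at least `ndots` dots is tried as an absolute name before the search list is applied), and every record and address in it is constructed sample data.

```python
# Simplified model of stub-resolver search-list handling (glibc-style "ndots" rule).
# Assumption: records, addresses and the search list are constructed for illustration.

# Top-level domain strings named in the article.
PAGE_TLDS = {"home", "corp", "global", "inc", "prod", "ads", "mail", "site", "host", "office"}

def candidates(name, search_list, ndots=1):
    """Return the fully qualified names tried, in order, for a lookup of `name`."""
    if name.endswith("."):                      # trailing dot: already absolute
        return [name.rstrip(".")]
    expanded = [f"{name}.{suffix}" for suffix in search_list]
    if name.count(".") >= ndots:                # enough dots: absolute name goes first
        return [name] + expanded
    return expanded + [name]

def resolve(name, search_list, records, ndots=1):
    """First candidate present in `records` wins; returns (fqdn, address) or None."""
    for fqdn in candidates(name, search_list, ndots):
        if fqdn in records:
            return fqdn, records[fqdn]
    return None

def collision_risks(short_names, delegated_tlds):
    """Names whose rightmost label equals a delegated (or applied-for) TLD."""
    return sorted(
        n for n in short_names
        if n.rstrip(".").rsplit(".", 1)[-1].lower() in delegated_tlds
    )

SEARCH = ["infoblox.com"]
# Before delegation: only the internal record exists (constructed address).
BEFORE = {"db.office.infoblox.com": "10.0.0.5"}
# After delegation: db.office also exists on the public Internet (constructed address).
AFTER = dict(BEFORE, **{"db.office": "203.0.113.7"})

if __name__ == "__main__":
    print("before:", resolve("db.office", SEARCH, BEFORE))
    print("after: ", resolve("db.office", SEARCH, AFTER))
    print("fully qualified:", resolve("db.office.infoblox.com.", SEARCH, AFTER))
    print("at risk:", collision_risks(["db.office", "computer.home", "www.eng"], PAGE_TLDS))
```

In this model the shorthand name silently changes destination once the top-level domain exists, while the fully qualified name with a trailing dot keeps resolving to the internal record.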