On Tue 24/Nov/2020 17:50:20 +0100 Murray S. Kucherawy wrote:
On Tue, Nov 24, 2020 at 4:20 AM Alessandro Vesely <ves...@tana.it> wrote:

If I'm going to go to the effort to download and decode a PSL and find
the OD, I'll just use the OD.

One of the points of the tree walk is to get rid of the PSL processing.

The PSL processing is a local lookup on an in-memory suffix tree. How is it progress to replace it with a tree walk? A PSL search is lightning
faster than even a single DNS lookup, isn't it?

Sure, but only if you think the PSL is accurate.  Otherwise you're basing
your shortcut up the tree on data you don't have reason to trust.  On the
other hand, a tree walk, while more expensive in terms of queries, isn't a
heuristic based on possibly stale information.


The PSL is the result of a community-maintained effort. They do not follow intricate naming restrictions that ccTLDs might theorize, but actively track subdomains as they become visible/noticed. It is remarkably good.

The reason why one may happen to use stale information is because updates are not so well organized. Arguably, it's not going to reach a stable state until it's considered a sort of hack.

For one, the CA/Browser Forum had that stance:

On Feb 1, 2013, at 10:25 AM, Phillip wrote:
    The public suffix list is a hack. It should go away. There needs to be a
    mechanism for determining if a domain is a public suffix or not but that
    information should be distributed through the DNS and not through an ad hoc
    list that a third party is meant to be maintaining under ill-defined
    criteria and without the active participation of the TLD operators.
        https://archive.cabforum.org/pipermail/public/2013-February/001146.html

That stance is justified by Section 8.2 of RFC 6454. However, their current Baseline Requirements state the following:

    Determination of what is “registry-controlled” versus the registerable
    portion of a Country Code Top-Level Domain Namespace is not standardized
    at the time of writing and is not a property of the DNS itself. Current
    best practice is to consult a “public suffix list” such as the Public
    Suffix List (PSL), and to retrieve a fresh copy regularly.
       https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.7.3.pdf

And, noticeably, the URL Living Standard references the PSL plainly. They call *registrable domain* what we call Organizational Domain. See:
https://url.spec.whatwg.org/#host-public-suffix


Best
Ale

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
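
The local PSL lookup debated in this thread, as an added example that is not part of the original message or of any DMARC implementation: a label trie walked right to left, with wildcard and exception rules, returning the Organizational (registrable) Domain. The rule sets and the names `build_tree` and `organizational_domain` are constructed for illustration; `STALE_RULES` shows how a copy missing one entry changes the answer.

```python
# Constructed sample rules in PSL syntax: a tiny subset written for this
# example, not a copy of the real list.
FRESH_RULES = """
com
uk
co.uk
*.ck
!www.ck
"""
# Same list with the "co.uk" entry missing, standing in for a stale copy.
STALE_RULES = FRESH_RULES.replace("co.uk\n", "")

def build_tree(rules_text):
    """Build a trie keyed by labels read right to left."""
    root = {}
    for line in rules_text.splitlines():
        rule = line.strip().lower()
        if not rule or rule.startswith("//"):
            continue
        exception = rule.startswith("!")
        node = root
        for label in reversed(rule.lstrip("!").split(".")):
            node = node.setdefault(label, {})
        node["!" if exception else "$"] = True  # rule terminator marker
    return root

def organizational_domain(name, tree):
    """Return public suffix plus one label, or None if name is a suffix."""
    labels = name.lower().rstrip(".").split(".")
    suffix_len = 1  # implicit default rule "*": the TLD is a suffix
    node = tree
    for depth, label in enumerate(reversed(labels), start=1):
        wild = node.get("*")
        if wild is not None and "$" in wild:  # wildcard covers this label
            suffix_len = max(suffix_len, depth)
        node = node.get(label)
        if node is None:
            break
        if "!" in node:  # exception rule wins: suffix is one label shorter
            suffix_len = depth - 1
            break
        if "$" in node:
            suffix_len = max(suffix_len, depth)
    if len(labels) <= suffix_len:
        return None
    return ".".join(labels[-(suffix_len + 1):])
```

With the stale rule set, every name under `co.uk` resolves to the same Organizational Domain, `co.uk`, which is the accuracy concern raised in the quoted reply.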
