On Tue 24/Nov/2020 17:50:20 +0100 Murray S. Kucherawy wrote:
> On Tue, Nov 24, 2020 at 4:20 AM Alessandro Vesely <ves...@tana.it> wrote:
>>>> If I'm going to go to the effort to download and decode a PSL and find
>>>> the OD, I'll just use the OD.
>>>
>>> One of the points of the tree walk is to get rid of the PSL processing.
>>
>> The PSL processing is a local lookup on an in-memory suffix tree. How is
>> it a progress to replace it with a tree walk? A PSL search is lightning
>> faster than even a single DNS lookup, isn't it?
>
> Sure, but only if you think the PSL is accurate. Otherwise you're basing
> your shortcut up the tree on data you don't have reason to trust. On the
> other hand, a tree walk, while more expensive in terms of queries, isn't a
> heuristic based on possibly stale information.

The PSL is the result of a community-maintained effort. They do not follow
intricate naming restrictions that ccTLDs might theorize, but actively track
subdomains as they become visible/noticed. It is remarkably good.

The reason why one may happen to use stale information is because updates are
not so well organized. Arguably, it's not going to reach a stable state until
it's considered a sort of hack.

For one, the CA/Browser forum had that stance:

    On Feb 1, 2013, at 10:25 AM, Phillip wrote:
    The public suffix list is a hack. It should go away. There needs to be a
    mechanism for determining if a domain is a public suffix or not but that
    information should be distributed through the DNS and not through an ad hoc
    list that a third party is meant to be maintaining under ill-defined
    criteria and without the active participation of the TLD operators.
    https://archive.cabforum.org/pipermail/public/2013-February/001146.html

That stance is justified by Section 8.2 of RFC 6454. However, their current
Baseline Requirements state the following:

    Determination of what is “registry-controlled” versus the registerable
    portion of a Country Code Top-Level Domain Namespace is not standardized
    at the time of writing and is not a property of the DNS itself. Current
    best practice is to consult a “public suffix list” such as the Public
    Suffix List (PSL), and to retrieve a fresh copy regularly.
    https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.7.3.pdf

And, noticeably, the URL Living Standard references the PSL plainly. They call
*registrable domain* what we call Organizational Domain. See:
https://url.spec.whatwg.org/#host-public-suffix

Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
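
Added example, not part of the original message or of any project's code: a sketch of the local PSL lookup debated in this thread, applying the Public Suffix List matching rules (longest match, wildcard, exception) to a small constructed rule set held in a Python set rather than a suffix tree. The entry `pages.example` and the "stale" copy are assumptions made up for illustration; they show how a rule missing from an outdated copy changes the Organizational Domain that is returned.

```python
# Constructed rule sets for illustration; these are not the real PSL.
# "pages.example" is a hypothetical private suffix under the reserved TLD.
FRESH_RULES = {"com", "uk", "co.uk", "*.ck", "!www.ck", "pages.example"}
STALE_RULES = FRESH_RULES - {"pages.example"}  # copy fetched before the rule was added


def public_suffix_len(labels, rules):
    """Return how many trailing labels form the public suffix."""
    best = 1  # implicit default rule "*": an unlisted TLD is a public suffix
    for i in range(len(labels)):
        cand = labels[i:]
        name = ".".join(cand)
        if "!" + name in rules:
            # Exception rules prevail; the suffix is the rule minus its leftmost label.
            return len(cand) - 1
        if name in rules:
            best = max(best, len(cand))
        if len(cand) > 1 and "*." + ".".join(cand[1:]) in rules:
            best = max(best, len(cand))
    return best


def organizational_domain(domain, rules):
    """Public suffix plus one label, or None if the name is itself a suffix."""
    labels = domain.lower().rstrip(".").split(".")
    n = public_suffix_len(labels, rules)
    if len(labels) <= n:
        return None
    return ".".join(labels[-(n + 1):])


if __name__ == "__main__":
    for name in ("mail.sub.example.co.uk", "www.ck", "a.b.ck", "co.uk",
                 "alice.pages.example"):
        print(name, organizational_domain(name, FRESH_RULES),
              organizational_domain(name, STALE_RULES))
```

With the stale copy, `alice.pages.example` collapses to `pages.example`, so every customer of that hypothetical suffix would share one Organizational Domain until the local copy is refreshed.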