Special Use Top Level Domain '.homenet'

Users and devices within a home network require devices and services to be identified by names that are unique within the boundaries of the home network . The naming mechanism needs to function without configuration from the user. While it may be possible for a name to be delegated by an ISP, home networks must also function in the absence of such a delegation. A default name with a scope limited to each individual home network needs to be used. The '.homenet' top-level domain replaces '.home' which was specified in as the default domain-name for home networks. '.home' had been selected as the most user-friendly option. However, there are existing uses of '.home' that may be in conflict with this use: evidence indicates that '.home' queries frequently leak out and reach the root name servers . Also, ICANN has about a dozen applicants for the '.home' top-level domain name, which creates a significant risk of litigation if it were claimed by the IETF outside of that process. As a result, the use of '.home' has been deprecated; this document updates to replace '.home' with '.homenet', while another document, deprecates the use of the '.home' TLD. This document registers the top-level domain '.homenet.' as a special-use domain name and specifies the behavior that is expected from the Domain Name System with regard to DNS queries for names whose rightmost non-terminal label is 'homenet'. Queries for names ending with '.homenet.' are of local significance within the scope of a home network, meaning that identical queries will result in different results from one home network to another. In other words, a name ending in '.homenet' is not globally unique.

The top-level domain name '.homenet.' is to be used for naming within a home network. Names ending with '.homenet.' reference a locally-served zone, the contents of which are unique only to a particular home network, and are not globally unique. Such names refer to nodes and/or services that are located within a home network (e.g., a printer, or a toaster). DNS queries for names ending with '.homenet.' are resolved using local resolvers on the homenet. Such queries MUST NOT be recursively forwarded to servers outside the logical boundaries of the home network. Some service discovery user interfaces that are expected to be used on homenets conceal information such as domain names from end users. However, it is still expected that in some cases, users will need to see, remember, and even type, names ending with '.homenet'. It is therefore desirable that users identify the top-level domain and understand that using it expresses the intention to connect to a service that is specific to the home network to which they are connected. Enforcing the fulfillment of this intention is out of scope for this document.

This section defines the behavior of systems involved in domain name resolution when serving queries for names ending with '.homenet.' (as per ). Users can use names ending with '.homenet.' just as they would use any other domain name. The '.homenet' name is chosen to be readily recognized by users as signifying that the name is addressing a service on the homenet to which the user's device is connected. Applications SHOULD treat domain names ending with '.homenet.' just like any other FQDN, and MUST NOT make any assumption on the level of additional security implied by its presence. Name resolution APIs and libraries MUST NOT recognize names that end in '.homenet.' as special and MUST NOT treat them differently. Name resolution APIs MUST send queries for such names to their configured caching DNS server(s). Using a recursive resolver other than the resolver(s) offered by the home network will result in failure to correctly resolve queries for subdomains of '.homenet'. If a host is configured to always use a recursive resolver other than the one offered by the local network, it will be unable to resolve queries that are subdomains of '.homenet'. Unless configured otherwise, recursive resolvers and DNS proxies MUST behave as described in Locally Served Zones ( Section 3). Recursive resolvers that are part of a home network MAY be configured manually or automatically (e.g., for auto-configuration purposes) to act differently, e.g., by querying another name server configured as authoritative for part or all of the '.homenet' domain, or proxying the request through a different mechanism. Only a DNS server that is authoritative for the root ('.') or is configured to be authoritative for '.homenet' or a subdomain of '.homenet' will ever answer a query about '.homenet.' In both of these cases, the server should simply answer as configured: no special handling is required. DNS servers outside a home network should not be configured to be authoritative for .homenet. DNS Registries/Registrars MUST NOT grant requests to register '.homenet' in the normal way to any person or entity. '.homenet' is registered in perpetuity to IANA:

Domain Name: HOMENET Registrar: RESERVED-INTERNET ASSIGNED NUMBERS AUTHORITY Whois Server: whois.iana.org Referral URL: http://res-dom.iana.org Name Server: A.IANA-SERVERS.NET Name Server: B.IANA-SERVERS.NET Status: clientDeleteProhibited Status: clientTransferProhibited Status: clientUpdateProhibited

The final paragraph of Homenet Considerations Protocol , section 8, is updated as follows: OLD: Names and unqualified zones are used in an HNCP network to provide naming and service discovery with local significance. A network-wide zone is appended to all single labels or unqualified zones in order to qualify them. ".home" is the default; however, an administrator MAY configure the announcement of a Domain-Name TLV (Section 10.6) for the network to use a different one. In case multiple are announced, the domain of the node with the greatest node identifier takes precedence. NEW: Names and unqualified zones are used in an HNCP network to provide naming and service discovery with local significance. A network-wide zone is appended to all single labels or unqualified zones in order to qualify them. ".homenet" is the default; however, an administrator MAY configure the announcement of a Domain-Name TLV (Section 10.6) for the network to use a different one. In case multiple are announced, the domain of the node with the greatest node identifier takes precedence. The '.homenet' special-use name does not require a special resolution protocol. Names for which the rightmost non-terminal label is 'homenet' are resolved using the DNS protocol .

Although a DNS record returned as a response to a query ending with '.homenet.' is expected to have local significance and be returned by a server involved in name resolution for the home network the device is connected in, such response MUST NOT be considered more trustworthy than would be a similar response for any other DNS query. Because '.homenet' is not globally scoped and cannot be secured using DNSSEC based on the root domain's trust anchor, there is no way to tell, using a standard DNS query, in which home network scope an answer belongs. Consequently, users may experience surprising results with such names when roaming to different home networks. To prevent this from happening, it may be useful for the resolver to identify different home networks on which it has resolved names, but this is out of scope for this document. In order to enable DNSSEC validation of a particular '.homenet', it might make sense to configure a trust anchor for that homenet. How this might be done is out of scope for this document.

IANA is requested to record the top-level domain ".homenet" in the Special-Use Domain Names registry . IANA is requested to set up insecure delegation for '.homenet' in the root zone pointing to the AS112 service , to break the DNSSEC chain of trust.

The authors would like to thank Stuart Cheshire for his prior work on '.home', as well as the homenet chairs: Mark Townsley and Ray Bellis.