A top-level domain (TLD) is one of the domains at the highest level in the hierarchical Domain Name System of the Internet after the root domain.[1] The top-level domain names are installed in the root zone of the name space. For all domains in lower levels, it is the last part of the domain name, that is, the last non-empty label of a fully qualified domain name. For example, in the domain name www.example.com, the top-level domain is .com. Responsibility for management of most top-level domains is delegated to specific organizations by the ICANN, an Internet multi-stakeholder community, which operates the Internet Assigned Numbers Authority (IANA), and is in charge of maintaining the DNS root zone.
History
Originally, the top-level domain space was organized into three main groups: Countries, Categories, and Multiorganizations.[2] An additional temporary group consisted of only the initial DNS domain, .arpa,[3] and was intended for transitional purposes toward the stabilization of the domain name system.
Types
As of 2015,[update] IANA distinguishes the following groups of top-level domains:[4]
Generic restricted top-level domains (grTLD): These domains are managed under official ICANN-accredited registrars.
Sponsored top-level domains (sTLD): These domains are proposed and sponsored by private agencies or organizations that establish and enforce rules restricting the eligibility to use the TLD. Use is based on community theme concepts; these domains are managed under official ICANN accredited registrars.
Test top-level domains (tTLD): These domains were installed under .test for testing purposes in the IDN development process; these domains are not present in the root zone.
Countries are designated in the Domain Name System by their two-letter ISO country code;[5] there are exceptions, however (e.g., .uk). This group of domains is, therefore, commonly known as country-code top-level domains (ccTLD). Since 2009, countries with non–Latin-based scripts may apply for internationalized country code top-level domain names, which are displayed in end-user applications in their language-native script or alphabet, but use a Punycode-translated ASCII domain name in the Domain Name System.
Generic top-level domains (formerly categories) initially consisted of .gov, .edu, .com, .mil, .org, and .net. More generic TLDs have been added, such as .info.
ICANN started to accept applications for IDN ccTLDs in November 2009,[6] and installed the first set into the Domain Names System in May 2010. The first set was a group of Arabic names for the countries of Egypt, Saudi Arabia, and the United Arab Emirates. By May 2010, 21 countries had submitted applications to ICANN, representing 11 scripts.[7]
Infrastructure domain
The domain .arpa was the first Internet top-level domain. It was intended to be used only temporarily, aiding in the transition of traditional ARPANET host names to the domain name system. However, after it had been used for reverse DNS lookup, it was found impractical to retire it, and is used today exclusively for Internet infrastructure purposes such as in-addr.arpa for IPv4 and ip6.arpa for IPv6 reverse DNS resolution, uri.arpa and urn.arpa for the Dynamic Delegation Discovery System, and e164.arpa for telephone number mapping based on NAPTR DNS records. For historical reasons, .arpa is sometimes considered to be a generic top-level domain.[8]
Reserved domains
A set of domain names is reserved[9][10] by the Internet Engineering Task Force as special-use domain names. The practice originated in RFC 1597 for reserved address allocations in 1994 and reserved top-level domains in RFC 2606 of 1999, with additional reservations in later RFCs. These reserved names should not be used in production networks that utilize the global domain name system.
In the late 1980s, InterNIC created the .nato domain for use by NATO.[citation needed] NATO considered none of the then-existing TLDs as adequately reflecting their status as an international organization. Soon after this addition, however, InterNIC also created the .int TLD for the use by international organizations in general, and persuaded NATO to use the second level domain nato.int instead. The nato TLD, no longer used, was finally removed in July 1996.[citation needed]
Around late 2000, ICANN discussed and finally introduced[17].aero, .biz, .coop, .info, .museum, .name, and .pro TLDs. Site owners argued that a similar TLD should be made available for adult and pornographic websites to settle the dispute of obscene content on the Internet, to address the responsibility of US service providers under the US Communications Decency Act of 1996. Several options were proposed including xxx, sex and adult.[18] The .xxx top-level domain eventually went live in 2011.[19]
An older proposal consisted of seven new gTLDs: arts, firm, .info, nom, rec, .shop, and .web.[20] Later .biz, .info, .museum, and .name covered most of these old proposals.
During the 32nd International Public ICANN Meeting in Paris in 2008, ICANN started a new process of TLD naming policy to take a "significant step forward on the introduction of new generic top-level domains".[21] This program envisioned the availability of many new or already proposed domains, as well as a new application and implementation process.[22] Observers believed that the new rules could result in hundreds of new gTLDs being registered.[23]
On 13 June 2012, ICANN announced nearly 2,000 applications for top-level domains, which began installation throughout 2013.[24][25] The first seven – bike, clothing, guru, holdings, plumbing, singles, and ventures – were released in 2014.[26]
Rejected domains
ICANN rejected several proposed domains to include .home and .corp due to conflicts regarding gTLDs that are in use in internal networks.
Investigation into the conflicts was conducted at ICANN's request by Interisle Consulting. The resulting report was to become known as the Name Collision[27] issue, which was first reported at ICANN 47.[28]
Dotless domains
Due to the structure of DNS, each node in the tree has its own collection of records, and since top-level domains are nodes in DNS, they have records of their own. For example, querying org itself (with a tool such as dig, host, or nslookup) returns information on its nameservers:
QUESTION
org. IN ANY
ANSWER
org. 21599 IN NS a0.org.afilias-nst.info.
org. 21599 IN NS a2.org.afilias-nst.info.
org. 21599 IN NS b0.org.afilias-nst.org.
org. 21599 IN NS b2.org.afilias-nst.org.
[…]
Dotless domains are top-level domains that take advantage of that fact, and implement A, AAAA or MX DNS records to serve webpages or allow incoming email directly on a TLD – for example, a webpage hosted on http://example/, or an email address user@example.[29]
ICANN and IAB have spoken out against the practice, classifying it as a security risk among other concerns.[30] ICANN's Security and Stability Advisory Committee (SSAC) additionally claims that SMTP "requires at least two labels in the FQDN of a mail address" and, as such, mail servers would reject emails to addresses with dotless domains.[29]
ICANN has also published a resolution in 2013 that prohibits the creation of dotless domains on gTLDs.[31]ccTLDs, however, fall largely under their respective country's jurisdiction, and not under ICANN's. Because of this, there have been many examples of dotless domains on ccTLDs in spite of ICANN's vocal opposition.
Other ccTLDs with A or AAAA records, as of September 2023, include: .cm, .tk and .ws.
A similar query to org's presented above can be made for ai, which shows A and MX records for the TLD:
QUESTION
ai. IN ANY
ANSWER
ai. 21599 IN A 209.59.119.34
ai. 21599 IN MX 10 mail.offshore.ai.
ai. 21599 IN NS anycastdns1-cz.nic.ai.
ai. 21599 IN NS anycastdns2-cz.nic.ai.
ai. 21599 IN NS pch.whois.ai.
[…]
Historically, many other ccTLDs have had A or AAAA records. On 3 September 2013, as reported by the IETF, they were the following:[32].ac, .dk, .gg, .io, .je, .kh, .sh, .tm, .to, and .vi.
New TLDs
Following a 2014 resolution by ICANN, newly registered TLDs must implement the following A, MX, TXT, and SRV apex DNS records – where <TLD> stands for the registered TLD – for at least 90 days:[33]
<TLD>. 3600 IN MX 10 your-dns-needs-immediate-attention.<TLD>.
<TLD>. 3600 IN SRV 10 10 0 your-dns-needs-immediate-attention.<TLD>.
<TLD>. 3600 IN TXT "Your DNS configuration needs immediate attention see https://icann.org/namecollision"
<TLD>. 3600 IN A 127.0.53.53
This requirement is meant to avoid domain name collisions when new TLDs are registered. For example, programmers may have used custom local domains such as foo.bar or test.dev, which would both collide with the creation of gTLDs .bar in 2014 and .dev in 2019.
While this does create apex DNS records of type A and MX, they do not qualify as a dotless domain, as the records should not point to real servers. For instance, the A record contains the IP 127.0.53.53, a loopback address (see IPv4 § Addressing), picked as a mnemonic to indicate a DNS-related problem, as DNS uses port 53.[34]
Several networks, such as BITNET, CSNET, and UUCP, existed that were in widespread use among computer professionals and academic users, but were not interoperable directly with the Internet and exchanged mail with the Internet via special email gateways. For relaying purposes on the gateways, messages associated with these networks were labeled with suffixes such as .bitnet, .oz, .csnet, or .uucp, but these domains did not exist as top-level domains in the public Domain Name System of the Internet.
Most of these networks have long since ceased to exist, and although UUCP still gets significant use in parts of the world where Internet infrastructure has not yet become well established, it subsequently transitioned to using Internet domain names, and pseudo-domains now largely survive as historical relics. One notable exception is the 2007 emergence of SWIFTNet Mail, which uses the swift pseudo-domain.[35]
The anonymity network Tor formerly used the top-level pseudo-domain .onion for onion services, which can only be reached with a Tor client because it uses the Tor onion routing protocol to reach the hidden service to protect the anonymity of users. However, the pseudo-domain became officially reserved in October 2015.[36]i2p provides a similar hidden pseudo-domain, .i2p,[37] and Namecoin uses the .bit pseudo-domain.[38]
^"Restricted" means that the TLD is only usable or reserved for certain people, organizations, countries, ect.
References
^Postel, Jon (March 1994). "Domain Name System Structure and Delegation". Request for Comments. Network Working Group. doi:10.17487/RFC1591. Retrieved 7 February 2011. This memo provides some information on the structure of the names in the Domain Name System (DNS), specifically the top-level domain names; and on the administration of domains.
^Postel, J. (October 1984). "Domain Name System Implementation Schedule - Revised". Request for Comments. Network Working Group. doi:10.17487/RFC0921. Retrieved 7 February 2011. This memo is a policy statement on the implementation of the Domain Style Naming System in the Internet. This memo is an update of RFC-881, and RFC-897. This is an official policy statement of the IAB and the DARPA.
Addressing the World: National Identity and Internet Country Code Domains, edited by Erica Schlesinger Wass (Rowman & Littlefield, 2003, ISBN0-7425-2810-3) examines connections between cultures and their ccTLDs.