sleevi
commented
6 years ago Can you explain why you believe it is an improper/unsupported method?
This use Case was explicitly considered and supported.
Closed pzb closed 1 week ago
sleevi
commented
6 years ago Can you explain why you believe it is an improper/unsupported method?
This use Case was explicitly considered and supported.
pzb
commented
6 years ago From the front page:
Some people use the PSL to determine what is a valid domain name and what isn't. This is dangerous, particularly in these days where new gTLDs are arriving at a rapid pace, if your software does not regularly receive PSL updates, because it will erroneously think new gTLDs are not valid. The DNS is the proper source for this information. If you must use it for this purpose, please do not bake static copies of the PSL into your software with no update mechanism.
This strong suggests that the PSL team does not recommend using it to determine valid public TLDs.
sleevi
commented
6 years ago Not without an update mechanism. We support it with an update mechanism - the discussion goes back to the Bugzilla days and we agreed to be a superset if the root zone database
dnsguru
commented
6 years ago I am against a change like this. It could cause security issues and/or break stuff without a lot of notice to people who would then have to make changes in their software to accommodate the change
It would require massive advance notice to users, implementers and integrators, which we're frankly just not resourced for.
There are many libraries and uses out there which are set and forget that depend upon this. This is too large a pivot for the PSL - there's a substantial base of established use that have designed and developed their systems around it to where what you are suggesting would likely break stuff or destabilize a lot of systems to where they would operate outside of the expected behavior.
dnsguru
commented
6 years ago We might want to update the documentation to state that the * is a fallback behaviour within Firefox (if that is still the case).
sleevi
commented
6 years ago I’m not sure I understand the last point - every PSL implementation I’ve looked at has the * fallback (although some allow it to be disabled, for the reasons you mentioned)
On Thu, Apr 12, 2018 at 10:34 AM Jothan Frakes notifications@github.com wrote:
We might want to update the documentation to state that the * is a fallback behaviour within Firefox (if that is still the case).
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/publicsuffix/list/issues/602#issuecomment-380827081, or mute the thread https://github.com/notifications/unsubscribe-auth/ABayJ7SpTLvHHk8ZdS0z9gviFjIaLlrHks5tn2XZgaJpZM4SJY0H .
According to the Formal Algorithm for the PSL:
Right now there are many single label entries in the PSL. This has led to implementations failing to implement the default rule of
*. It has also led to incorrect use of the PSL to attempt to determine if a TLD is a public TLD.I suggest that all single label entries be moved to comments to both simplify the list and help avoid developers using the data in unsupported ways.