In Feburary the Security and Stability Advisory Committee (SSAC) published a report on Dotless Domains concluding that “dotless domains would not be universally reachable and the SSAC recommended strongly against their use. ”

On 23 June 2012, the ICANN Board adopted a resolution tasking ICANN to consult with the relevant communities regarding implementation of the recommendations in the SSAC report.

Depending on operating system, browser and user configuration, users may encounter any of the scenarios, or combinations of the scenarios above. Other than case cited above, there is no guarantee that users would be able to visit the dotless domain queried.”

As for the comments posted to ICANN three new gTLD operators have weighted in on dotless domains and all of them want ICANN to reject the findings of the SSAC report and keep dotless domains on the table.

Bret Fausett writing for Frank Schilling’s Uniregistry says in part:

“While Uniregistry has no plans to implement “dotless domains,” it does foresee a future where applications, protocols and, most importantly, Internet users expect dotless domains to work in many of the ways that second-level domains do now. We do not know whether this evolution will take place over the next year or the next ten years, but when it does, TLD registries should be able to support change equally with ccTLD operators and without having to re-negotiate their contracts.”

“We believe that SSAC-053, as other SSAC advisories, is an advisory for certain community best practices. We believe that virtually all TLD
operators will follow its advice in the immediate and near-term future. ”

“Its advice should not become binding policy, however, written into some, but not all, registry contracts.”

In order words Uniregistry doesn’t want to use dotless domains right now or in the forseeable future but wants the option on the table and not to be barred in their eventual contract with ICANN to operate the new gTLD’s it is awarded.

In the same camp is another new gTLD applicant Donuts, Inc which applied for the largest number of new gTLD;s:

Richard Tindal the COO Donuts Inc urges ICANN to take no action on the SSAC report in it’s comment to ICANN on dotless domains:

2. DNS resource records enabling dotless domain functionality exist in some 16 ccTLDs and do not appear to have caused stability and security problems as a result.
3. There would be no sudden or profound changes in user experience as a result of dotless domains.
4. The impact on stability and security varies from TLD string to TLD string. Some have more significant implications than others.
5. There may be important benefits (in terms of navigation, branding, security, stability and trust) to consumers and registries from dotless domains.
6. This same “some software is implemented in a non-standard way” argument could have been made to prohibit the introduction of TLDs longer than three characters, such as .info, or IDN TLDs. They were introduced anyway and do not contribute to instability.
7. The new gTLD Guidebook and Registry Agreement already provide for a thorough review of any registry proposal for dotless functionality in a TLD.
8. The community developed a consensus policy on how matters like this should be handled—the RSEP process. Implementation of a contractual prohibition on dotless domains via this SSAC report (and comments on it) is not following that consensus policy. Such an approach would undermine the ICANN model of policy development.

DO DOTLESS STRINGS DETERMINE SEARCH?
The DNS standards provide for dotless domains and have done so for some time. The majority of concerns identified in the report are attributed to some applications or operating systems that do not properly recognize the precedence of the DNS standard.

For example, the report discusses a common browser algorithm that determines whether the domain in the address bar has two or more labels separated by at least one dot.

This browser, the report states, would conclude that a dotless string was not a domain, and hence would not resolve that address bar entry to the site specified by the A-record for that domain. Rather, the report states, the browser would treat the entry as a search term — as if the label had been entered into a search engine box rather than a browser address bar.

This is, by and large, incorrect.

Browsers do not use the dotless nature of the string to determine if the user intended a search.

SEARCH COMES LAST
Let’s say a user typed ‘SATURN’ into a browser address bar. If the browser first interpreted this as a search term (due to SATURN not containing dots), and therefore performed a search before checking the DNS, the browser would always do a search first and never attempt to resolve it or recognize it as a local network resource.

However, search happens last. As browsers do recognize local network resources (if set up as such) the browser cannot be using the dotless nature of the string to first determine whether a search should be performed. Some browsers may make this “it’s a search” determination later, but none do it first. Logically, search must be last in the order. Therefore, browsers do not need to—and thus do not— use the dotless nature of the string to determine whether or not to do a search.

The introduction of a dotless domain for a TLD will not have a sudden or immediate impact on user experiences, as: (1) applications that continue to resolve dotless strings inconsistently will provide users with the same experience they do now; and (2) applications and operating systems that resolve in a manner consistent with the standard will return an IP address (for TLDs that have an A-record) rather than an error message — which actually will be an enhanced user experience and more likely what the user intended.

In general, the effects of dotless domains are likely to vary significantly from TLD to TLD. For example, in the context of the LAN issue discussed above, a dotless TLD named ‘HOME’, a common hostname for local devices and search suffixes, is likely to have more impact on LANs than a dotless domain named ‘AMERICANFAMILY’.

The report has made no assessment of the potential benefits of dotless domains, and such an assessment must precede any across- the-board ban. Dotless domains have the potential to benefit user experience in terms of faster and more intuitive addressing and navigating as standards are established and embraced.

The benefits of dotless domains may vary from TLD to TLD. In particular, brand TLDs will strongly benefit.

A brand TLD with dotless functionality benefits from improved trust, stability and security coming from DNS resolution at a higher level in the DNS hierarchy.

A user typing the brand’s TLD into a browser (without dots) would be directed to a site of the brand’s choosing, rather than to a variety of “search-related” sites, or sites imposed by a potentially nefariously installed plug-in (both occurring later in the name resolution order of operations).

A blanket contractual ban on dotless domains is not appropriate at this time. SAC 053 does not provide sufficient argument to justify such a ban—in particular, it does not attempt to measure the potential negative consequences of dotless domains, address variations in such impact between differing TLDs, address or attempt to measure the benefits of dotless TLDs, or recognize the existing, strong protections in the new TLD Guidebook (the RSEP procedure).