User Assigned ISO 3166-1 Alpha-2 Codes and the DNS Root Zone
Active Internet-Draft (individual)
||Intended RFC status
||(No stream defined)
||RFC Editor Note
||Send notices to
Independent Submission E. Lewis
Internet-Draft R. Arends
Expires: May 3, 2020 Date: November 3, 2019
User Assigned ISO 3166-1 Alpha-2 Codes
and the DNS Root Zone
The ISO 3166 standard is used for the definition of eligible designations for
country code Top Level Domains. This standard is maintained by the ISO 3166
Maintenance Agency. The ISO 3166 standard contains a set of User-Assigned
code elements. This document describes that these values can be used as top
level domains for private DNS resolution.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 3, 2020.
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 1
2. Private-Use Top-Level Domain . . . . . . . . . . . . . . . . 1
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 1
4. Security Considerations . . . . . . . . . . . . . . . . . . . 1
5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 1
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 1
7. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 1
The practice governing the delegation of ASCII two-letter domain names in
the DNS [STD 13] root zone is to employ the ISO 3166-1 standard [ISO3166-1].
The ISO 3166-1 standard provides for multiple types of codings, with the
ASCII two-letter codes (known as "alpha 2" codes) being used in the DNS to
potentially represent countries and territories as country-code top-level
domains (ccTLDs) [RFC1591]. The interrelationship is documented in "ICANN
and the ISO, A Common Interest in ISO Standard 3166" [ICANN ISO].
In addition to these assigned codes, there are values designated as "User
Assigned". Quoting ISO 3166-1:2013 clause 8.1.3 "User-assigned code elements"
"If users need code elements to represent country names not included
in this part of ISO 3166, the series of letters AA, QM to QZ, XA to
XZ, and ZZ, and the series AAA to AAZ, QMA to QZZ, XAA to XZZ, and
ZZA to ZZZ respectively and the series of numbers 900 to 999 are
NOTE Users are advised that the above series of codes are not
universals, those code elements are not compatible between different
For the purposes of this document, ISO 3166-1 "alpha-2 user-assigned codes"
are defined to be AA, QM to QZ, XA to XZ, and ZZ. The ranges ("to") are
alphabetic and contain only characters in the US-ASCII definition [RFC20].
The codes are case insensitive.
The quoted text explicitly states "code elements to represent country names"
with the emphasis on the term "country names". Using code elements to
represent something different than "country names" might at first appear to
go against the intended use of the standard. However, many organisations,
including the ISO, have used the user-assigned range to represent entities
other than country names. The following list is not meant to be exhaustive,
but to illustrate the different uses of the user-assigned range:
ISO 3901 uses “ZZ” for direct registrants independent of any country.
ISO 4217 uses the “XA..XZ” range for transactions and precious metals.
ISO 6166 uses "XS" for securities cleared through Euroclear/Clearstream.
ICAO uses “ZZ” for UN travel documents.
RFC5646 contains a section and examples dedicated to Private Use Sub-tags
WIPO has 5 User Assigned code elements allocated to identify regional
agencies and patent offices, and allocated "XX" for "Unknown states,
other entities or organizations”.
CABForum uses "XX" to signify a location not covered by ISO3166-1.
[references to be added in -01]
2. Private-Use Top-Level Domain
Two areas of identifier use have been identified that can benefit from the
use of private-use namespace:
1. Local-only usage. In locally configured environments where
Internet traffic will not traverse the global Internet. While it is
preferred that such usages use sub-domains within another domain
registered for the specific hosting entity, not all such configurations
have such a domain available. This is analogous to the use of private
addressing described in [RFC 1918].
2. Use by DNS-like applications. Some applications use network identifiers
that are similar in appearance to domain names, and may be interpreted
by software as domain names, but are not intended to use the global
DNS resolution service (such as connecting to the DNS root servers via
port 53 and performing recursive lookups). Using namespace allocated
for private-use will guard against conflicts with the global DNS
This document recommends ZZ as a private-use TLD that can be used to support
these two functions. The User Assigned classification of the ZZ code element
in the ISO 3166-1 alpha 2 standard allows for the assumption that these codes
will never risk requiring delegation through future assignment to represent a
country or territory.
3. IANA Considerations
To Be Added.
4. Security Considerations
Names appearing to be domain names ending in alpha-2 user-assigned codes
will be independent of the root zone, hence nothing can be said about their
security implications from the root zone perspective.
This document is based on a earlier draft by Ed Lewis. David Conrad, Jaap
Akkerhuis, Kal Feher, Andrew Sullivan, Kim Davies so far have played a role.
6.1. Normative References
[STD 13] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, November 1987 and Mockapetris, P.,
"Domain names - implementation and specification",
STD 13, RFC 1035, November 1987.
[RFC 20] Cerf, V., "ASCII format for network interchange",
STD 80, RFC 20, October 1969.
[RFC 1591] Postel, J., "Domain Name System Structure and Delegation",
RFC 1591, March 1994.
[RFC 1918] Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G., and
E. Lear, "Address Allocation for Private Internets",
BCP 5, RFC 1918, February 1996.
[ISO 3166-1] ISO 3166-1:2013 "Codes for the representation of names of
countries and their subdivisions -- Part 1: Country codes"
[ICANN ISO] https://www.icann.org/resources/pages/
7. Author's Address
Arends Expires May 3, 2020 [Page 1]