The "_for-sale" Underscored and Globally Scoped DNS Node Name
draft-davids-forsalereg-21
| Document | Type | Active Internet-Draft (individual in ops area) | |
|---|---|---|---|
| Author | Marco Davids | ||
| Last updated | 2026-02-10 (Latest revision 2026-02-05) | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | Informational | ||
| Formats | |||
| Reviews |
ARTART Telechat review
(of
-19)
by Takahiro Nemoto
Ready w/nits
DNSDIR Early review
(of
-09)
by James Gannon
Ready w/issues
|
||
| IETF conflict review | conflict-review-davids-forsalereg | ||
| Additional resources |
GitHub Repository
Related Implementations Additional Web Page |
||
| Stream | WG state | (None) | |
| Document shepherd | Joe Abley | ||
| Shepherd write-up | Show Last changed 2026-01-08 | ||
| IESG | IESG state | RFC Ed Queue | |
| Action Holders |
(None)
|
||
| Consensus boilerplate | Yes | ||
| Telechat date | (None) | ||
| Responsible AD | Mohamed Boucadair | ||
| Send notices to | (None) | ||
| IANA | IANA review state | IANA OK - Actions Needed | |
| IANA action state | RFC-Ed-Ack | ||
| IANA expert review state | Expert Reviews OK | ||
| RFC Editor | RFC Editor state | EDIT | |
| Details |
draft-davids-forsalereg-21
Network Working Group M. Davids
Internet-Draft SIDN Labs
Intended status: Informational 5 February 2026
Expires: 9 August 2026
The "_for-sale" Underscored and Globally Scoped DNS Node Name
draft-davids-forsalereg-21
Abstract
This document defines an operational convention that uses the
reserved underscored DNS leaf node name "_for-sale" to indicate the
parent domain name is available for purchase.
The convention can be deployed without disrupting existing
operations, and it may be applied even when the domain name is still
actively in use.
About This Document
This note is to be removed before publishing as an RFC.
This document contains a "Note to the RFC Editor" requesting removal
of Section 6 prior to publication. Please also review the Status of
This Memo section and other relevant parts before publication,
particularly Section 7.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 9 August 2026.
Davids Expires 9 August 2026 [Page 1]
Internet-Draft _for-sale DNS Node Name February 2026
Copyright Notice
Copyright (c) 2026 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4
2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.1. General Record Format . . . . . . . . . . . . . . . . . . 4
2.2. Content Tag Type Definitions . . . . . . . . . . . . . . 6
2.2.1. fcod . . . . . . . . . . . . . . . . . . . . . . . . 6
2.2.2. ftxt . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2.3. furi . . . . . . . . . . . . . . . . . . . . . . . . 8
2.2.4. fval . . . . . . . . . . . . . . . . . . . . . . . . 8
2.2.5. Future Tags . . . . . . . . . . . . . . . . . . . . . 9
2.3. Content Limitations . . . . . . . . . . . . . . . . . . . 9
2.4. RRset Limitations . . . . . . . . . . . . . . . . . . . . 10
2.5. Wildcard Limitation . . . . . . . . . . . . . . . . . . . 10
2.6. Placement of the Leaf Node Name . . . . . . . . . . . . . 10
3. Operational Considerations . . . . . . . . . . . . . . . . . 11
3.1. DNS Wildcards . . . . . . . . . . . . . . . . . . . . . . 12
3.2. Handling of RDATA . . . . . . . . . . . . . . . . . . . . 12
3.3. Currency . . . . . . . . . . . . . . . . . . . . . . . . 13
3.4. TTLs . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.5. Ambiguous Constructs . . . . . . . . . . . . . . . . . . 13
3.6. Robustness . . . . . . . . . . . . . . . . . . . . . . . 13
3.7. Scope of Application . . . . . . . . . . . . . . . . . . 14
4. Security Considerations . . . . . . . . . . . . . . . . . . . 14
5. Privacy Considerations . . . . . . . . . . . . . . . . . . . 15
6. Implementation Status . . . . . . . . . . . . . . . . . . . . 15
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 16
8.1. Normative References . . . . . . . . . . . . . . . . . . 16
8.2. Informative References . . . . . . . . . . . . . . . . . 17
Appendix A. Additional Examples . . . . . . . . . . . . . . . . 19
A.1. Example 1: Code Format . . . . . . . . . . . . . . . . . 19
A.2. Example 2: Free Text Format . . . . . . . . . . . . . . . 19
Davids Expires 9 August 2026 [Page 2]
Internet-Draft _for-sale DNS Node Name February 2026
A.3. Example 3: URI Format . . . . . . . . . . . . . . . . . . 20
A.4. Example 4: Asking Price Format . . . . . . . . . . . . . 20
A.5. Example 5: Combinations . . . . . . . . . . . . . . . . . 20
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 21
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 21
1. Introduction
Well-established services [RFC3912][RFC9083] exist for determining
whether a DNS domain name is registered. However, the existence of a
domain name does not necessarily imply that it cannot be obtained; it
may still be available for sale.
Some registrars and other parties offer brokerage services between
domain name holders and interested buyers. Such services are of
limited value when the domain name is not available for purchase, but
they may be beneficial for domain names that are explicitly marked as
for sale.
This document defines a simple method to explicitly signal that a
domain name, although registered, is available for purchase. It
enables a domain name holder to add a reserved underscored leaf node
name [RFC8552] in the zone, indicating that the domain name is for
sale. The indicator can be turned on and off at will and, moreover,
it is immediately deployable and does not require significant changes
in existing services, allowing for a smooth introduction of the
concept.
The TXT RR type [RFC1035] created for this purpose must follow the
formal definition of Section 2. Its content may contain a pointer,
such as a Uniform Resource Identifier (URI) [RFC3986], an
Internationalized Resource Identifier (IRI) [RFC3987] or another
string, allowing interested parties to obtain information or contact
the domain name holder for further negotiations. Details about
whether and how such negotiations occur are out of scope.
With due caution, such information can also be incorporated into
automated availability services. When checking a domain name for
purchasability, the service may indicate whether it is for sale and
provide a pointer to the seller's information.
The TXT content defined by this document is intended primarily for
human-readable informational display, rather than for algorithmic
string comparison or automated processing.
The operational convention described in this document does not
require any protocol change.
Davids Expires 9 August 2026 [Page 3]
Internet-Draft _for-sale DNS Node Name February 2026
Examples are provided in Appendix A.
1.1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
Although the document defines an operational convention rather than a
protocol extension, normative language is used to promote consistent
and unambiguous behaviours among entities that adopt the convention.
The term "processor" refers to an entity (person, system, or service)
that reads, interprets, and takes appropriate actions based on "_for-
sale" DNS labels, whether manually or automatically.
The term "for sale" is used in a broad sense and may also refer to
cases where the domain name is available for lease, or where the
contractual right to use the domain name is offered to another party.
DNS terminology in this document follows [RFC9499].
2. Conventions
2.1. General Record Format
Each "_for-sale" TXT record MUST begin with a version tag, optionally
followed by a string containing content that follows a simple
"tag=value" syntax.
The formal definition of the record format, using ABNF
[RFC5234][RFC7405], is as follows:
forsale-record = forsale-version [forsale-content]
; referred to as 'content' or RDATA
; in a single character-string
forsale-version = %s"v=FORSALE1;"
; %x76.3D.46.4F.52.53.41.4C.45.31.3B
; version tag, case-sensitive, no spaces
forsale-content = fcod-pair / ftxt-pair / furi-pair / fval-pair
; referred to as 'tag-value pairs'
; only one tag-value pair per record
fcod-pair = fcod-tag fcod-value
Davids Expires 9 August 2026 [Page 4]
Internet-Draft _for-sale DNS Node Name February 2026
ftxt-pair = ftxt-tag ftxt-value
furi-pair = furi-tag furi-value
fval-pair = fval-tag fval-value
; the tags are referred to as 'content tags'
; the values are referred to as 'content values'
fcod-tag = %s"fcod="
ftxt-tag = %s"ftxt="
furi-tag = %s"furi="
fval-tag = %s"fval="
; all content tags case-sensitive lowercase
fcod-value = 1*239OCTET
ftxt-value = 1*239OCTET
furi-value = URI / IRI
; 'http', 'https', 'mailto' and 'tel' URI schemes
; exactly one URI or IRI
URI = <as defined in RFC3986, Appendix A>
IRI = <as defined in RFC3987, Section 2.2>
fval-value = fval-currency fval-amount
; total length: 2 to 239 characters
fval-currency = 1*%x41-5A
; one or more uppercase letters (A-Z)
; indicating (crypto)currency
; e.g., USD, EUR, BTC, ETH
; standard three-letter fiat currencies recommended
fval-amount = int-part [ %x2E frac-part ]
; integer part with optional fractional part
; e.g., 0.00010
int-part = 1*DIGIT
frac-part = 1*DIGIT
See Section 2.2 for more detailed format definitions per content tag
type.
Each "_for-sale" TXT record MUST NOT contain more than one tag-value
pair, but multiple TXT records MAY be present in a single RRset.
Every tag-value pair in the RRset MUST be unique, but multiple
instances of the same content tag MAY occur within a single RRset
(e.g., two "fcod=" content tags, each with a different content
value).
See Section 2.4 for additional RRset limitations.
Davids Expires 9 August 2026 [Page 5]
Internet-Draft _for-sale DNS Node Name February 2026
The OPTIONAL forsale-content provides information to interested
parties as explained in Section 1.
If the forsale-content is absent or invalid, but a valid version tag
is present, processors SHOULD assume that the domain is for sale
unless a local policy indicates otherwise. For example:
_for-sale.example.com. IN TXT "v=FORSALE1;"
_for-sale.example.com. IN TXT "v=FORSALE1;fcod="
_for-sale.example.com. IN TXT "v=FORSALE1;foo=bar"
In such cases, processors determine how to proceed. An approach
might be to signal that the domain is for sale and to rely on
conventional mechanisms (e.g., WHOIS or Registration Data Access
Protocol (RDAP)) to retrieve and present contact information.
TXT records in the same RRset that lack a version tag MUST NOT be
interpreted as a valid "_for-sale" indicator. However, they may
still offer some additional information for humans when considered
alongside a valid record. For example:
_for-sale.example.com. IN TXT "I am for sale"
_for-sale.example.com. IN TXT "v=FORSALE1;fcod=XX-NGYyYjEyZWY"
If no TXT records at a "_for-sale" leaf node name contain a valid
version tag, processors MUST consider the node name invalid and MUST
ignore it.
See Section 2.3 for additional content limitations.
2.2. Content Tag Type Definitions
The following content tags are defined as valid content tags.
Content tags are optional. Providing at least one to give interested
parties a pointer for engagement is RECOMMENDED.
2.2.1. fcod
This content tag is intended to contain a code that is meaningful
only to processors that understand its semantics. The content value
MUST consist of at least one octet.
The manner in which the "fcod=" content tag is used is determined by
agreement between cooperating parties.
Davids Expires 9 August 2026 [Page 6]
Internet-Draft _for-sale DNS Node Name February 2026
For example, a domain name registry may allow registrars to enter a
"for sale" URL into their back-end system. From that URL, a unique
code is generated. This code is inserted as the value of the "fcod="
content tag of the "_for-sale" TXT record of a domain name, as shown
in the example below.
When a user checks the availability of the domain name using a
registry-provided tool (e.g., a web interface), the domain name
registry may use the code to redirect the user to the appropriate
"for sale" URL, which may include a query component containing the
domain name, for example:
https://forsale-url.example.com/exco?d=example.org
The rationale for this approach is that controlling parties retain
authority over redirection URLs and any other information derived
from the content tag, thereby preventing users from being sent to
unintended or malicious destinations or from being presented with
unintended content. This approach also allows the interpretation of
"fcod=" content values to be adjusted centrally in back-end systems,
such as determining which "for sale" URL to redirect to, without
modifying the "_for-sale" TXT records.
The following example shows a string encoded using Base64 [RFC4648]
preceded by the prefix "EXCO-" as the value of the content tag:
_for-sale IN TXT "v=FORSALE1;fcod=EXCO-S2lscm95IHdhcyBoZXJl"
See the Additional Examples section for other possible uses of this
content tag.
Note: As an implementation consideration, when multiple parties are
involved in the domain sale process and use the same mechanism, it
may be difficult to identify the relevant content in an RRset.
Adding a recognisable prefix to the content (e.g., "EXCO-") is one
possible approach. However, this is left to the implementor, as it
is not enforced in this document. In this case, Example Corporation
(ExCo) would recognise its content tag and interpret it as intended.
This example uses Base64 encoding to avoid escaping and ensure
printable characters, though this is OPTIONAL and not required.
2.2.2. ftxt
This content tag is intended to contain concise, human-readable text
that conveys additional information to interested parties. For
example:
_for-sale IN TXT "v=FORSALE1;ftxt=Call for info."
Davids Expires 9 August 2026 [Page 7]
Internet-Draft _for-sale DNS Node Name February 2026
While a single octet is the minimum, it is RECOMMENDED to provide
more context.
While a URI in this field is not syntactically prohibited, its
interpretation as a URI is not guaranteed. Use of URIs in this field
SHOULD be avoided in favour of the "furi=" content tag.
See Section 2.2.4 for a way to explicitly indicate an asking price
for easier machine parsing.
See Section 3.2 for considerations regarding the representation of
non-ASCII data in the content value.
2.2.3. furi
This content tag is intended to contain a human-readable and machine-
parsable URI that can be used by interested parties to retrieve
further information.
While the syntax allows any URI scheme, only the following schemes
are RECOMMENDED for use: 'http' and 'https' [RFC9110], 'mailto'
[RFC6068][RFC6530] (Section 11.1), and 'tel' [RFC3966].
The content value MUST contain exactly one URI. For example:
_for-sale IN TXT "v=FORSALE1;furi=https://example.com/foo%20bar"
URIs MUST conform to the syntax and encoding requirements specified
in Section 2.1 of [RFC3986], including the percent-encoding of
characters not allowed unencoded (e.g., spaces must be encoded as %20
in a URI).
Section 3.2 provides additional guidelines on character encoding.
See the Security Considerations section for possible risks.
Note: References to a URI in this document also encompass IRIs
[RFC3987].
2.2.4. fval
This content tag is intended to contain human-readable and machine-
parsable text that explicitly indicates an asking price in a certain
currency.
Davids Expires 9 August 2026 [Page 8]
Internet-Draft _for-sale DNS Node Name February 2026
Price information is commonly published by domain sellers. The
"fval=" content tag provides a structured format for this purpose,
enabling reliable machine parsing and reducing ambiguity compared to
embedding prices in free-form "ftxt=" content tags. For example:
_for-sale IN TXT "v=FORSALE1;fval=EUR999"
The information provided in "fval=" is not binding and is intended
for indicative purposes only. Current and reliable information can
be obtained by engaging directly via "furi=" or other available
communication mechanisms.
See Section 3.3 for additional operational guidelines and the
Security Considerations section for possible risks.
2.2.5. Future Tags
Future tags may be defined to accommodate operational needs. Future
content tags MUST NOT alter the semantics of existing content tags.
A tag name length of 4 characters is RECOMMENDED for consistency with
the initial tag set and to maintain compact record formats.
2.3. Content Limitations
The "_for-sale" TXT record [RFC8553] (Section 2.1) MUST contain
content deemed valid under the operational convention defined in this
document.
The "_for-sale" indicator is only to be used for domain names that
are available for purchase. Any text suggesting that a domain is not
for sale is invalid content. When a domain name is no longer for
sale, the "_for-sale" indicator is to be removed.
The existence of a "_for-sale" leaf node name does not obligate the
holder to sell the domain name; it may have been published in error,
or withdrawn later for other reasons.
This document does not dictate the exact use of any content values in
the "_for-sale" TXT record. Parties may use it in their tools,
perhaps even by defining specific requirements that the content value
must meet. Content values can also be represented in a human-
readable format for individuals to interpret. See the Additional
Examples section for clarification.
See Section 3 for additional guidelines.
Davids Expires 9 August 2026 [Page 9]
Internet-Draft _for-sale DNS Node Name February 2026
2.4. RRset Limitations
This document does not impose a limit on the number of TXT records in
the RRset of "_for-sale" TXT records.
When multiple "_for-sale" TXT records are present in an RRset, the
processor MAY select one or more of them.
For example, a domain name registry might extract content from an
RRset that includes a recognisable "fcod=" content tag and use it to
direct visitors to a sales page as part of its services. An
individual, on the other hand, might extract a phone number (if
present) from a "furi=" tag in the same RRset and use it to contact a
potential seller.
An example of such a combined record is provided in Appendix A.5.
The RDATA [RFC9499] of each "_for-sale" TXT record MUST consist of a
single character-string [RFC1035] with a maximum length of 255
octets, to avoid the need to concatenate multiple character-strings
during processing.
The following example illustrates an invalid "_for-sale" TXT record
due to the presence of multiple character-strings:
_for-sale IN TXT "v=FORSALE1;" "ftxt=foo" "bar" "invalid"
2.5. Wildcard Limitation
Wildcards are only interpreted as leaf names, so "_for-
sale.*.example." is not a valid wildcard [RFC4592] and is non-
conformant. Hence, it is not possible to put all domains under a TLD
for sale with just one "_for-sale" TXT record.
The example below, however, shows a common use case where a "_for-
sale" leaf node name exists alongside a wildcard:
* IN A 198.51.100.80
IN AAAA 2001:db8::80
_for-sale IN TXT "v=FORSALE1;ftxt=Only $99 at ExCo"
2.6. Placement of the Leaf Node Name
The "_for-sale" leaf node name can be placed at any level of the DNS
except in the .arpa infrastructure TLD.
Table 1 illustrates this:
Davids Expires 9 August 2026 [Page 10]
Internet-Draft _for-sale DNS Node Name February 2026
+================================+================+================+
| Name | Situation | Verdict |
+================================+================+================+
| _for-sale.example. | root zone | For sale |
+--------------------------------+----------------+----------------+
| _for-sale.aaa.example. | second level | For sale |
+--------------------------------+----------------+----------------+
| _for-sale.exco.bbb.example. | third level | For sale |
| | with public | |
| | registry | |
+--------------------------------+----------------+----------------+
| _for-sale.www.ccc.example. | third level | See note 1 |
| | without public | |
| | registry | |
+--------------------------------+----------------+----------------+
| _for-sale.51.198.in-addr.arpa. | infrastructure | See note 2 |
| | TLD | |
+--------------------------------+----------------+----------------+
| xyz._for-sale.example. | Invalid | Non-conformant |
| | placement, not | |
| | a leaf | |
+--------------------------------+----------------+----------------+
Table 1: Placements of TXT record
Note 1: When the "_for-sale" leaf node name is applied to a label
under a subdomain, there may not be a public domain name registry
[RFC9499] capable of properly recording the rights associated with
that label. Nevertheless, this does not constitute a violation of
this document. One possible approach is for the involved parties to
establish a mutual agreement to formalise these rights.
Note 2: If a "_for-sale" leaf node name were to appear under the
.arpa infrastructure top-level domain, it might be interpreted as an
offer to sell IP address space, E.164 numbers or the like. However,
such use is explicitly out of scope for this document, and processors
MUST ignore any such records.
The operational convention in this document is designed for the
global DNS. Application to Special-Use Domain Names [RFC6761] (e.g.,
.onion, .alt) is out of scope.
3. Operational Considerations
Davids Expires 9 August 2026 [Page 11]
Internet-Draft _for-sale DNS Node Name February 2026
3.1. DNS Wildcards
DNS wildcards interact poorly with underscored names [RFC8552]
(Section 1.4), but they may still be encountered in practice,
especially with operators who are not implementing this mechanism.
This is why the version tag is a mandatory element: it allows
processors to distinguish valid "_for-sale" records from unrelated
TXT records.
Nonetheless, any assumptions about the content of "_for-sale" TXT
records should be made with caution, particularly in edge cases where
wildcard expansion - possibly combined with DNS aliases (e.g.,
CNAMEs) or redirections (e.g., DNAMEs [RFC6672]) - might result in
misleading listings or unintended references to third-party domains.
3.2. Handling of RDATA
Since this method relies on DNS TXT records, standard content rules
apply as defined in [RFC1035] (Section 3.3.14). This includes the
possibility of including non-ASCII data in the content value.
When non-ASCII data is used, interpretation may become ambiguous.
For this reason, it is RECOMMENDED that text in content values be
encoded in UTF-8 [RFC3629], conform to the Network Unicode format
[RFC5198], and use a subset of Unicode code points consistent with
[RFC9839] (Section 4.3), with the exception of %x09, %x0A, and %x0D,
which are best avoided.
Processors are RECOMMENDED to handle such encodings to ensure that
non-ASCII content values are correctly interpreted and represented.
Internationalized Domain Names (IDN) (e.g., in the "furi=" content
tag) MAY appear as A-labels as well as U-labels [RFC5890], with
U-labels encoded as described above.
Implementation Note: Some DNS query tools return DNS records in
presentation format, rather than the underlying RDATA content.
Parsers of the ABNF in this document MUST ensure they operate on the
raw TXT RDATA content, not its escaped presentation format [RFC1035]
(Section 5.1). If the TXT RDATA consists of multiple character-
strings, they SHOULD be concatenated into a single contiguous string
prior to being interpreted as a UTF-8 encoded value matching the
ABNF.
See Section 3.6 for additional guidelines and the Security
Considerations section for possible risks.
Davids Expires 9 August 2026 [Page 12]
Internet-Draft _for-sale DNS Node Name February 2026
3.3. Currency
The ABNF in Section 2.1 allows currency codes consisting of one or
more uppercase letters, providing flexibility to accommodate both
standard fiat currencies and other widely recognised abbreviations,
such as cryptocurrencies.
The use of standard fiat currencies is RECOMMENDED. When used, they
MUST be represented by three-letter uppercase currency codes as
specified in [ISO4217] (e.g., USD, EUR, GBP and JPY).
The amount component consists of an integer part, optionally followed
by a fractional part separated by a decimal point (%x2E, ".").
3.4. TTLs
Long TTLs [RFC1035] (Section 3.2.1) increase the risk of outdated
data misleading buyers into thinking the domain is still available or
that advertised prices remain current.
A TTL of 3600 seconds (1 hour) or less is RECOMMENDED and the TTL
values of all records in an RRset have to be the same [RFC2181]
(Section 5.2).
3.5. Ambiguous Constructs
Ambiguous constructs in content values SHOULD be avoided, as
illustrated by the following example:
_for-sale IN TXT "v=FORSALE1;fcod=TRIP-confusing;ftxt=dont_do_this"
The above example is a valid "fcod=" content tag that includes the
string ";ftxt=" in the content value, which may be confusing, as it
does not actually represent an "ftxt=" content tag.
3.6. Robustness
Because the format of the content part is not strictly defined in
this document, processors MAY apply the robustness principle of being
liberal in what they accept. This also applies to space characters
(%x20) immediately following the version tag.
Alternatively, parties may agree on a more strictly defined
proprietary format for the content value to reduce ambiguity.
However, it is out of scope to discuss which mechanisms are put in
place for such agreements.
Davids Expires 9 August 2026 [Page 13]
Internet-Draft _for-sale DNS Node Name February 2026
When encountering unexpected, or prohibited control characters in
"ftxt=" content (e.g., %x09, %x0A, %x0B, %x0D, see Section 3.2),
processors MAY sanitise them by replacing them with spaces (%x20) to
ensure correct representation, or replacing them with the Unicode
REPLACEMENT CHARACTER U+FFFD (%xEF.BF.BD) to signal the presence of
problematic content.
3.7. Scope of Application
The "_for-sale" mechanism relies upon the domain name being
resolvable in the DNS. This is not guaranteed, for example, during a
redemption period, in pendingDelete status [STD69], or when the
domain is DNSSEC-signed but fails validation (i.e., has a bogus
state).
4. Security Considerations
One use of the TXT record type defined in this document is to parse
the content it contains and to publish certain information from it on
a website or elsewhere. However, there is a risk if the domain name
holder publishes a malicious URI or one that points to improper
content. This may result in reputational damage to the party parsing
the record.
An even more serious scenario arises when the content of the TXT
record is not properly validated and sanitised, potentially enabling
attacks such as XSS or SQL injection, as well as spoofing techniques
based on Unicode manipulation, including bidirectional text attacks
and homograph attacks.
Therefore, parsing and publishing this information requires careful
validation to ensure that only valid characters and formats are
processed. Possible mitigation strategies include output
sanitisation, maintaining a curated and validated list of URIs, or
applying other validation methods, such as URI reputation checks
before display.
Automatically following URIs from "_for-sale" records without user
consent creates security risks, including exposure to malware,
phishing pages, and scripted attacks. Processors MUST NOT
automatically redirect users when encountering "furi=" content tags
without requiring explicit confirmation before navigation. This
allows users to inspect the destination before proceeding.
Some URI schemes RECOMMENDED in Section 2.2.3 do not mandate
transport security (e.g., 'http', 'mailto'); therefore, more secure
schemes such as 'https' are preferred.
Davids Expires 9 August 2026 [Page 14]
Internet-Draft _for-sale DNS Node Name February 2026
There is also a risk that this method will be abused as a marketing
tool, or to lure individuals into visiting certain sites or making
contact by other means, without there being any intention to actually
sell the domain name.
Domain name holders may advertise artificially low prices and
processors that present "fval=" data to users SHOULD display
appropriate disclaimers (e.g., "Price indicative only - verify with
seller"). Automated systems SHOULD NOT make purchase commitments
based solely on advertised prices without human verification.
5. Privacy Considerations
The use of the "_for-sale" leaf node name publicly indicates the
intent to sell a domain name. Domain name holders should be aware
that this information is accessible to anyone querying the DNS and
may have privacy implications.
There is a risk of data scraping, such as email addresses and phone
numbers.
Publishing contact information may expose domain name holders to
spam, or unwanted contact.
6. Implementation Status
The concept described in this document has been in use at the .nl
ccTLD registry since 2022, when it initially started as a pilot.
Since then, hundreds of thousands of domain names have been marked
with the "_for-sale" indicator. See for example:
https://www.sidn.nl/en/whois?q=example.nl
The Dutch domain name registry SIDN offers registrars the option to
register a sales landing page via its registrar dashboard following
the "fcod=" method. When this option is used, a unique code is
generated, which can be included in the "_for-sale" record. If such
a domain name is entered on the domain finder page of SIDN, a "for
sale" button is displayed accordingly.
A simple demonstration of a validator is present at:
https://forsalereg.sidnlabs.nl/demo
<NOTE TO RFC EDITOR: Please remove this section before publication as
per RFC7942.>
Davids Expires 9 August 2026 [Page 15]
Internet-Draft _for-sale DNS Node Name February 2026
7. IANA Considerations
IANA is requested to add the following entry to the "Underscored and
Globally Scoped DNS Node Names" registry [RFC8552] :
+=========+============+=============+
| RR Type | _NODE NAME | Reference |
+=========+============+=============+
| TXT | _for-sale | <this memo> |
+---------+------------+-------------+
Table 2: Entry for the
"Underscored and Globally Scoped
DNS Node Names" registry
8. References
8.1. Normative References
[ISO4217] SIX Group, "ISO 4217 Currency Codes",
<https://www.iso.org/iso-4217-currency-codes.html>.
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
November 1987, <https://www.rfc-editor.org/info/rfc1035>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS
Specification", RFC 2181, DOI 10.17487/RFC2181, July 1997,
<https://www.rfc-editor.org/info/rfc2181>.
[RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November
2003, <https://www.rfc-editor.org/info/rfc3629>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, DOI 10.17487/RFC3986, January 2005,
<https://www.rfc-editor.org/info/rfc3986>.
[RFC3987] Duerst, M. and M. Suignard, "Internationalized Resource
Identifiers (IRIs)", RFC 3987, DOI 10.17487/RFC3987,
January 2005, <https://www.rfc-editor.org/info/rfc3987>.
Davids Expires 9 August 2026 [Page 16]
Internet-Draft _for-sale DNS Node Name February 2026
[RFC5198] Klensin, J. and M. Padlipsky, "Unicode Format for Network
Interchange", RFC 5198, DOI 10.17487/RFC5198, March 2008,
<https://www.rfc-editor.org/info/rfc5198>.
[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234,
DOI 10.17487/RFC5234, January 2008,
<https://www.rfc-editor.org/info/rfc5234>.
[RFC5890] Klensin, J., "Internationalized Domain Names for
Applications (IDNA): Definitions and Document Framework",
RFC 5890, DOI 10.17487/RFC5890, August 2010,
<https://www.rfc-editor.org/info/rfc5890>.
[RFC7405] Kyzivat, P., "Case-Sensitive String Support in ABNF",
RFC 7405, DOI 10.17487/RFC7405, December 2014,
<https://www.rfc-editor.org/info/rfc7405>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC9839] Bray, T. and P. Hoffman, "Unicode Character Repertoire
Subsets", RFC 9839, DOI 10.17487/RFC9839, August 2025,
<https://www.rfc-editor.org/info/rfc9839>.
8.2. Informative References
[RFC3912] Daigle, L., "WHOIS Protocol Specification", RFC 3912,
DOI 10.17487/RFC3912, September 2004,
<https://www.rfc-editor.org/info/rfc3912>.
[RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers",
RFC 3966, DOI 10.17487/RFC3966, December 2004,
<https://www.rfc-editor.org/info/rfc3966>.
[RFC4592] Lewis, E., "The Role of Wildcards in the Domain Name
System", RFC 4592, DOI 10.17487/RFC4592, July 2006,
<https://www.rfc-editor.org/info/rfc4592>.
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
<https://www.rfc-editor.org/info/rfc4648>.
[RFC6068] Duerst, M., Masinter, L., and J. Zawinski, "The 'mailto'
URI Scheme", RFC 6068, DOI 10.17487/RFC6068, October 2010,
<https://www.rfc-editor.org/info/rfc6068>.
Davids Expires 9 August 2026 [Page 17]
Internet-Draft _for-sale DNS Node Name February 2026
[RFC6530] Klensin, J. and Y. Ko, "Overview and Framework for
Internationalized Email", RFC 6530, DOI 10.17487/RFC6530,
February 2012, <https://www.rfc-editor.org/info/rfc6530>.
[RFC6672] Rose, S. and W. Wijngaards, "DNAME Redirection in the
DNS", RFC 6672, DOI 10.17487/RFC6672, June 2012,
<https://www.rfc-editor.org/info/rfc6672>.
[RFC6761] Cheshire, S. and M. Krochmal, "Special-Use Domain Names",
RFC 6761, DOI 10.17487/RFC6761, February 2013,
<https://www.rfc-editor.org/info/rfc6761>.
[RFC8552] Crocker, D., "Scoped Interpretation of DNS Resource
Records through "Underscored" Naming of Attribute Leaves",
BCP 222, RFC 8552, DOI 10.17487/RFC8552, March 2019,
<https://www.rfc-editor.org/info/rfc8552>.
[RFC8553] Crocker, D., "DNS Attrleaf Changes: Fixing Specifications
That Use Underscored Node Names", BCP 222, RFC 8553,
DOI 10.17487/RFC8553, March 2019,
<https://www.rfc-editor.org/info/rfc8553>.
[RFC9083] Hollenbeck, S. and A. Newton, "JSON Responses for the
Registration Data Access Protocol (RDAP)", STD 95,
RFC 9083, DOI 10.17487/RFC9083, June 2021,
<https://www.rfc-editor.org/info/rfc9083>.
[RFC9110] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP Semantics", STD 97, RFC 9110,
DOI 10.17487/RFC9110, June 2022,
<https://www.rfc-editor.org/info/rfc9110>.
[RFC9499] Hoffman, P. and K. Fujiwara, "DNS Terminology", BCP 219,
RFC 9499, DOI 10.17487/RFC9499, March 2024,
<https://www.rfc-editor.org/info/rfc9499>.
[STD69] Internet Standard 69,
<https://www.rfc-editor.org/info/std69>.
At the time of writing, this STD comprises the following:
Hollenbeck, S., "Extensible Provisioning Protocol (EPP)",
STD 69, RFC 5730, DOI 10.17487/RFC5730, August 2009,
<https://www.rfc-editor.org/info/rfc5730>.
Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
Domain Name Mapping", STD 69, RFC 5731,
DOI 10.17487/RFC5731, August 2009,
<https://www.rfc-editor.org/info/rfc5731>.
Davids Expires 9 August 2026 [Page 18]
Internet-Draft _for-sale DNS Node Name February 2026
Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
Host Mapping", STD 69, RFC 5732, DOI 10.17487/RFC5732,
August 2009, <https://www.rfc-editor.org/info/rfc5732>.
Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
Contact Mapping", STD 69, RFC 5733, DOI 10.17487/RFC5733,
August 2009, <https://www.rfc-editor.org/info/rfc5733>.
Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
Transport over TCP", STD 69, RFC 5734,
DOI 10.17487/RFC5734, August 2009,
<https://www.rfc-editor.org/info/rfc5734>.
Appendix A. Additional Examples
A.1. Example 1: Code Format
A proprietary format, defined and used by agreement between parties -
for example, a domain name registry and its registrars - without a
clearly specified meaning for third parties. For example, it may be
used to automatically redirect visitors to a web page, as described
in Section 2.2.1:
_for-sale IN TXT "v=FORSALE1;fcod=XX-aHR0cHM...wbGUuY29t"
Note: the content value in the above example is truncated for
readability.
The use of the "fcod=" content tag is, in principle, unrestricted,
allowing implementers to define additional uses as needed. For
example, it may convey arbitrary formatting or conditional display
instructions, such as adding an extra banner (e.g., "eligibility
criteria apply") or specifying a style, including color, font,
emojis, or logos.
A.2. Example 2: Free Text Format
Free format text, with some additional unstructured information,
aimed at being human-readable:
_for-sale IN TXT "v=FORSALE1;ftxt=Eligibility criteria apply."
The content in the following example could be malicious, but it is
not in violation of the convention in this document (see the Security
Considerations):
_for-sale IN TXT "v=FORSALE1;ftxt=<script>...</script>"
Davids Expires 9 August 2026 [Page 19]
Internet-Draft _for-sale DNS Node Name February 2026
A.3. Example 3: URI Format
The holder of "example.com" wishes to signal that the domain is for
sale and adds this record to the "example.com" zone:
_for-sale IN TXT "v=FORSALE1;furi=https://example.com/fs?d=eHl6"
An interested party notices this signal and can visit the URI
mentioned for further information. The TXT record may also be
processed by automated tools, but see the Security Considerations
section for possible risks.
As an alternative, a 'mailto' URI could also be used:
_for-sale IN TXT "v=FORSALE1;furi=mailto:hq@example.com?subject=foo"
Or a telephone URI:
_for-sale IN TXT "v=FORSALE1;furi=tel:+1-201-555-0123"
There can be a use case for these URIs, especially since WHOIS (or
RDAP) often has privacy restrictions. But see the Privacy
Considerations section for possible downsides.
A.4. Example 4: Asking Price Format
Consists of an uppercase currency code (e.g., USD, EUR), followed by
a numeric amount. See Section 3.3 for additional guidelines.
In Bitcoins:
_for-sale IN TXT "v=FORSALE1;fval=BTC0.000010"
In US dollars:
_for-sale IN TXT "v=FORSALE1;fval=USD750"
A.5. Example 5: Combinations
An example of multiple valid TXT records from which a processor can
choose:
_for-sale IN TXT "v=FORSALE1;furi=https://fs.example.com/"
IN TXT "v=FORSALE1;ftxt=This domain name is for sale"
IN TXT "v=FORSALE1;fval=EUR500"
IN TXT "v=FORSALE1;fcod=EXCO-ZGVhZGJlZWYx"
IN TXT "v=FORSALE1;fcod=XYZ1-MTExLTIyMi0zMzMtNDQ0"
Davids Expires 9 August 2026 [Page 20]
Internet-Draft _for-sale DNS Node Name February 2026
Acknowledgements
The author would like to thank Thijs van den Hout, Caspar Schutijser,
Melvin Elderman, Ben van Hartingsveldt, Jesse Davids, Juan Stelling,
John R. Levine, Dave Lawrence, Andrew Sullivan, Paul Hoffman, Eliot
Lear (ISE), Viktor Dukhovni, James Gannon, Watson Ladd, Tim Wicinski,
Russ Housley, Takahiro Nemoto, Chongfeng Xie, Joe Abley and Mohamed
'Med' Boucadair for their valuable feedback.
Author's Address
Marco Davids
SIDN Labs
Meander 501
6825 MD Arnhem
Netherlands
Phone: +31 26 352 5500
Email: marco.davids@sidn.nl
Davids Expires 9 August 2026 [Page 21]