Skip to main content

Top-level Domains for Private Internets

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Roy Arends , Joe Abley , Eberhard Lisse
Last updated 2023-10-13 (Latest revision 2021-04-10)
Replaces draft-dnsop-private-use-tld, draft-arends-private-use-tld
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


There are no defined private-use namespaces in the Domain Name System (DNS). For a domain name to be considered private-use, it needs to be future-proof in that its top-level domain will never be delegated from the root zone. The lack of a private-use namespace has led to locally configured namespaces with a top-level domain that is not future proof. The DNS needs an equivalent of the facilities provided by BCP 5 (RFC 1918) for private internets, i.e. a range of short, semantic-free top-level domains that can be used in private internets without the risk of being globally delegated from the root zone. This document describes a particular set of code points which, by virtue of the way they have been designated in the ISO 3166 standard, are thought to be plausible choices for the implementation of private namespaces that are anchored in top-level domains. The ISO 3166 standard is used for the definition of eligible designations for country-code top-level Domains. This standard is maintained by the ISO 3166 Maintenance Agency. The ISO 3166 standard includes a set of user-assigned code elements that can be used by those who need to add further names to their local applications. Because of the rules set out by ISO in their standard, it is extremely unlikely that these user-assigned code elements would ever conflict with delegations in the root zone under current practices. In order to avoid the operational and security consequences of collisions between private and global use of these code elements as top-level domains, this document specifies that such top-level domains should never be deployed in the global namespace, and reserves them accordingly in the Special-Use Names Registry [RFC6761].


Roy Arends
Joe Abley
Eberhard Lisse

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)