Add my.be to PRIVATE#2792
Conversation
Free .my.be subdomains
|
I've reviewed the submission details for my.be. The rationale provided regarding the prevention of 'shared' blacklisting for the parent domain is a valid use case for PSL inclusion in the PRIVATE section. To ensure this PR aligns perfectly with the PSL guidelines, I have two points for the submitter @myown-noc: Reference Comment: In the public_suffix_list.dat file, please ensure you've added a reference comment above the entry. For example: Verification of Infrastructure: Since the goal is to isolate cookies and prevent reputational bleed-over, could you confirm if MyCore also provides automated DNS record management (SPF/DKIM) for these subdomains? This would further justify the inclusion as a public-facing service provider. Overall, the DNS verification (TXT record) seems to be in place. Looking forward to seeing this merged once the formatting is finalized. |
|
MyOwn (and not mycore :)) does not provides automated DNS records but DNS full management interface where customers have the possibility to configure SPF/DKIM and other records. Customers also have the opportunity to use their own or external DNS (same behavior than registering any TLD domain, .com , ...) The reference comment is already included in the commit :
|
My apologies for the previous typo, @myown-noc. Thank you for the correction! I’ve looked further into the details and the Files changed. I see the reference comments have been added correctly on lines 14703-14704. Regarding the rationale, I noticed a point that might need clarification for the maintainers: you mentioned serving 100,000 users, but also noted currently having around 1,000 subdomains. Could you clarify if the 100,000 refers to projected growth or total visitors across those subdomains? Also, since the goal is to prevent reputational issues/blacklisting for the main zone, does MyOwn provide any automated tools for users to manage their own SPF/DKIM records to ensure mail deliverability once the isolation is in place? Just trying to help gather all the necessary technical details for the official review. Thanks! |
|
Hi @pencilnav, sorry for the tag. I'm trying to help review this PR and noticed some details regarding the user count and the blacklisting rationale mentioned by @myown-noc. Since you're more experienced here, would you mind taking a look and correcting me if my observations are wrong? Just want to make sure the information is clear. Thanks! |
I don't think that's a valid use case for inclusion. Correct me if I'm wrong. Please note per PSL guidelines:
|
|
I agree with the point raised by @pencilnav. Regarding the rationale from @myown-noc , if the primary goal is just to bypass blacklisting for their subdomains, it indeed seems to conflict with the PSL guidelines about not being a 'shortcut' for vendor restrictions. Also, as I noted earlier, the discrepancy between 100,000 users and 1,000 subdomains still feels like it needs a clearer technical explanation to justify why this belongs in the Private section instead of being managed via standard DNS tools. What do you think, @pencilnav ? Is there any specific scenario where this type of 'reputational isolation' could actually be considered valid under current policies? Please correct me if I’m wrong or if there’s a better way to phrase this. |
|
To clarify the different questions :
|
|
Thanks for the clarification, @myown-noc. The comparison with .eu.org is an interesting point, as they do serve a similar purpose in providing independent subdomains to users. It’s also helpful to know that this was suggested by a Public DNS provider like Quad9 to ensure proper treatment of the zone. However, as @pencilnav pointed out earlier regarding the PSL guidelines, the maintainers are usually very strict about the 'reputational' aspect. @pencilnav, given the comparison to .eu.org and the fact that each subdomain is managed by a different user, does this change the perspective on whether this fits the 'Private' section criteria? Or does the 'avoiding blacklisting' rationale still weigh too heavily against the guidelines? Please correct me if I’m wrong, I’m just trying to understand how these similar cases are differentiated in the review process. |
|
@zyroc-id! Your not helping by submit things generated by AI. I understand you are trying to help, but before posting, please read the PSL guidelines and go over some historic PRs to get some knowledge on how this works. You should't be pinging me in the first place and if you have done these properly, you wouldn't need to. Refrain from replying to this because your entire conversation is mostly off-topic. |
|
From PSL website : "In addition, owners of privately-registered domains who themselves issue subdomains to mutually-untrusting parties may wish to be added to the PRIVATE section of the list." mutualy-untrusting parties is the point : each party is independent and should be treated independently with no interaction between the parties, the activity of one party is not supposed to impact another (as the activity of site1.com is not supposed to impact site2.com, that's why .com is declared in the list). Information : we registered .my.be the 12/12/2000 (when we became .be registrars), more than 25 years that we offer free domains under this extension to our customers in complement of other TLD (we wanted a free TLD). |
|
@myown-noc Then please consult with Quad9 to get it resolved. If your main goal is to bypass Quad9 limitations by getting your domain into the PSL, it's considered as a non-acceptance and is likely not getting approved. |
|
They send us here because we told them that .my.be is supposed to be treated as a TLD (public suffix) and they use PSL to determine public suffixes... i've readed the documentation before applying and it seems it's well the purpose of this list... i will ask them to maintain their own list ... |
|
@myown-noc Hope you'll get some solid results from them. Mind closing this PR yourself before the maintainers do? |
|
Please put the Quad9 restrictions in the initial template for tracking. @pencilnav Are there any reasons not to accept this? We surely don't want to accept it just to work around the Quad9 issue but otherwise it still seems appropriate, right? |
|
@simon-friedberger Their main reason for adding into the PSL is to workaround Quad9 limitations. I found this as a non-acceptance (correct me if im wrong). Otherwise everything else do seem legit. |
|
Our main reason is that our eTLD is not recognized as such, which resulted in the entire eTLD being blacklisted instead of just the domain concerned. The blacklisting issue has been resolved, but we want the eTLD to be properly recognized so that this does not happen again. If the correct method to declare a eTLD is to add it to this list, for me it's not a "workaround", it's the requested procedure, as every other eTLD on the list... Is it not the purpose of the list to declare eTLD ? |
|
This needed an abuse contact and a review for the presence of entries on virustotal before it progressed to merging, to be consistent with our past handling of subdomain systems. I do agree this was submitted for the purpose of working around a limit in quad9's architecture. Putting the pressure on volunteers is inappropriately handing off workdebt. |
|
Found something interesting. @myown-noc Could you briefly explain? You've deleted a task in the checklist, specifically "We are listing any third-party limits that we seek to work around in our rationale such as those between IOS 14.5+ and Facebook". Please add it back and agree to it (if there isn't any, just click the checkbox and remove the lines below. See #2759 (comment)). PR Template is here.
I've done a check (the results are below) and most of these sites aren't actually serving web content (especially when 628 domains are binded to an ip address without HTTP/HTTPS ports open. This is far off from what you've claimed in the template. I was able to find 1069 subdomains on This is the list of subdomains i was able to find with an A record to it. (821 entries) Top used IP address is as follows:
There are 248 entries without an A record. After catagorizing, i've found 224 unique 3LDs (e.g. foo.my.be is a unique 3LD, and anything like bar.foo.my.be is counted as a subdomain of the 3LD.) With These being the top five:
|
|
We do not verify individually how our customers use their domains, on our database we have 1200+ domains .my.be registered by 250 distincts customers. On those domains, 200 use DNS servers of another provider, 300 use manual DNS records configured on our servers, the rest only use a http redirection (the easiest method for a free domain is to redirect to a free webhosting). Your data is clearly not accurate : 193.189.135.15 is the wildcard of the root ( *.my.be ), that catch every not registered domain (your list seems to be a lot of expired domains, not configured anymore), and indeed, there is no web server behind. That record is not used for a long time, i will fix that. |
4 participants
Public Suffix List (PSL) Submission
Checklist of required steps
Description of Organization
Robust Reason for PSL Inclusion
DNS verification via dig
Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the
_pslTXT record in place in the respective zone(s).Submitter affirms the following:
This request was not submitted with the objective of working around other third-party limits.
The submitter acknowledges that it is their responsibility to maintain the domains within their section. This includes removing names which are no longer used, retaining the _psl DNS entry, and responding to e-mails to the supplied address. Failure to maintain entries may result in removal of individual entries or the entire section.
The Guidelines were carefully read and understood, and this request conforms to them.
The submission follows the guidelines on formatting and sorting.
A role-based email address has been used and this inbox is actively monitored with a response time of no more than 30 days.
Abuse Contact:
Abuse contact information (email or web form) is available and easily accessible.
URL where abuse contact or abuse reporting form can be found:
https://www.myown.eu/contact
For PRIVATE section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.
To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.
PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.
(Link: about propagation/expectations)
Description of Organization
MyOwn srl is a registrar and WebHosting company in belgium, offering free registration of .my.be subdomains
I (Stephane Bouvard) am cofunder and IT Manager of the company
Organization Website:
https://www.myown.eu
Reason for PSL Inclusion
Required by public dns to avoid blacklisting of the whole zone for the activity of one subdomain
Number of users this request is being made to serve:
100000 (currently around 1000 subdomains, maybe 100 visitors / subdomain)
DNS Verification