- Warren Kumari
- Jaap Akkerhuis
- Patrik Fältström
This advisory investigates the security and stability needs surrounding the growing use of public suffix lists on the Internet.
For the purposes of this Advisory, a public suffix is defined as “a domain under which multiple parties that are unaffiliated with the owner of the Public Suffix domain may register subdomains.” Examples of Public Suffix domains include "org", "co.uk", "k12.wa.us" and "uk.com".
There is no programmatic way to determine the boundary where a Domain Name System (DNS) label changes stewardship from a public suffix, yet tracking the boundary accurately is critically important for security, privacy, and usability issues in many modern systems and applications, such as web browsers. One method of determining this boundary is by use of public suffix lists (PSLs), which are static files listing the known public suffixes.
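As an added illustration (not code from the advisory), the sketch below does a longest-match lookup against a small constructed suffix list that includes the advisory's example suffixes, and shows how the boundary moves when one entry is missing from the list. The hostnames, list contents and function names are assumptions made for the example, and only plain suffix entries are handled.

```python
# Constructed sample list: the advisory's four example suffixes plus
# the parent suffixes "com", "uk" and "us". Not a real PSL file.
SAMPLE_PSL = """\
// constructed sample, one suffix per line
com
org
uk
co.uk
us
k12.wa.us
uk.com
"""

def parse_psl(text):
    """Return suffixes as label tuples, skipping blank and // comment lines."""
    rules = set()
    for line in text.splitlines():
        line = line.strip().lower()
        if line and not line.startswith("//"):
            rules.add(tuple(line.split(".")))
    return rules

def split_at_boundary(hostname, rules):
    """Return (registrable_domain, public_suffix) by longest suffix match.

    registrable_domain is None when the name is itself a public suffix
    or when no entry in the list matches.
    """
    labels = hostname.lower().rstrip(".").split(".")
    for i in range(len(labels)):  # longest candidate suffix first
        if tuple(labels[i:]) in rules:
            suffix = ".".join(labels[i:])
            if i == 0:
                return None, suffix
            return ".".join(labels[i - 1:]), suffix
    return None, None

def same_site(host_a, host_b, rules):
    """True when both hosts share one registrable domain under this list."""
    a, _ = split_at_boundary(host_a, rules)
    b, _ = split_at_boundary(host_b, rules)
    return a is not None and a == b

RULES = parse_psl(SAMPLE_PSL)
# Same list without the "uk.com" entry (hypothetical out-of-date copy).
STALE_RULES = RULES - {("uk", "com")}
```

With `RULES`, `alice.uk.com` and `bob.uk.com` are separate registrants; with `STALE_RULES` both collapse to the registrable domain `uk.com`, so any cookie or trust decision keyed on that boundary would treat them as one site.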