Discuss mailing list

[e AT eo.gl]

On Jan 29, 2026 12:32 AM, Renard Bleu <dnsadmin123456 AT proton.me> wrote:
> Aaaa...... yes, the Tier-1 DNS servers for .o TLD (ns9 and
> ns11.opennic.glue) are down. And I just checked the zone files and
> it shows that currently there is no domain registered under .o TLD.
> Maybe you may ask the owner of ns9/ns11 for help. Or more directly,
> you can ask in OpenNIC IRC channel (Server: irc.libera.chat:6697
> (use SSL) Channel: #opennic) for help.
>
> Sent with Proton Mail secure email.

I also added the maintainer to the CC of the mail but the mail server 
rejected my e-mail. Both the nameservers are down and the registration 
hosting website is also down. Maybe I'll try IRC later.

On Jan 29, 2026 6:06 AM, Jacob Bachmeyer <jcb62281 AT gmail.com> wrote:
> On 1/28/26 12:48, Renard Bleu wrote:
> > Hello,
> >
> > There is an issue that, domains with .o TLD may be mistaken as an
> > object file with .o extension name (eg. intermediate output file
> > produced by a compiler from c or cpp source code).
> > (ref link:
> > https://community.cloudflare.com/t/opennic-domain-names/98832/2
> > ). Therefore, I think it is not secure for domain name operators to
> > provide .o domain name registration services.
>
> That is ridiculous because DNS and the filesystem are separate
> namespaces.  There is no possibility of confusion between a .o
> domain
> and an object file unless you work very hard to be stupid about it.
>
> Even the plausible scenario of storing files downloaded from a Web site
> in a tree corresponding to the URL does not produce confusion because
> the ".o" name in that case would be a *directory*, which is different 
> in
> the filesystem from any file that could have that name.  (Never mind
> that downloaded resources and object files are rather unlikely to 
> appear
> in the same directory.)
>
> In short, this claim of "not secure" is bogus.
>
> -- Jacob

Even though the DNS and the filesystem are seperate entities, there are 
some attack surfaces that can run both spaces. For example, browser 
address bars can run websites using DNS and run files, or file explorer 
bar can run web addresses, or the Windows Run utility can execute 
commands with it. This is where it can be confusing. We can distinguish 
between them and avoid those kind of problems, but a regular or people 
with less experience with computers and internet can be exploited with 
this TLD & extension confussion. Of course, the setup may vary and 
especially, the .o domain is so hard to confuse with the file. The .zip 
TLD is more problematic in that manner.