Dotless Domains

Original Article ↗ Hacker News Discussion ↗

Email validation and edge-case addresses

  • Several comments argue that strict email regexes cause more harm than good, blocking valid but unusual addresses (e.g., one-letter TLDs, new gTLDs like .blue, .wiki, very short local parts).
  • Many advocate minimal validation (essentially “contains @”) plus confirmation emails, sometimes augmented with MX checks and typo-detection (Levenshtein distance to common domains).
  • Subaddressing (user+tag@domain) is highlighted as standards-based and widely supported, despite some sites blocking it.
  • Emoji and non-ASCII local parts/domains are discussed: domains go through punycode, but emoji/unicode usernames have inconsistent deliverability; specs largely assume 7-bit ASCII.
  • Extremely short addresses (e.g., @tld, u@x, ??@ua, p@f) are technically possible or historically used, but many systems reject them as invalid.

Dotless domains, TLDs, and DNS semantics

  • All domains are under the root “.”; trailing dots indicate fully qualified names and prevent search-domain suffixes being appended.
  • NS records and FQDN behavior are explained, with quotes from DNS literature about the null root label and how example.com. is canonical.
  • There’s pushback on the article’s reading of ICANN SSAC: commenters note RFC 5321 explicitly allows TLD-only domains in email addresses.
  • ICANN discourages “dotless” use in the public DNS and also discourages emoji domains, but registrars sometimes ignore related RFCs if customers pay.
  • Some ccTLD operators have experimented with TLD-level MX records and even considered TLD-wide login cookies, likened to AOL keywords.

URLs, IP literals, and parsing quirks

  • Commenters explain how IPv4 addresses can be written as single decimal integers, octal, hex, shortened forms (e.g., 127.1), and IPv4-in-IPv6 ([::ffff:1.1.1.1]).
  • There’s a standards dispute: RFC 3986 would treat many numeric-only hosts as domain names, while the WHATWG URL standard formalizes real-world browser behavior that accepts these forms leniently.

Browser omnibar vs single-label hosts

  • Single-label hosts or custom TLDs often get treated as search queries rather than URLs.
  • Workarounds include adding http://, a trailing slash, or relying on DNS search suffixes; some users disable “search from URL bar” in Firefox.
  • This tension is framed as a side effect of merging URL and search boxes.

Cloudflare Workers and “hug of death”

  • The original site quickly hit Cloudflare Workers’ free-tier limits (request-count based), leading to “temporarily rate limited” errors.
  • Discussion distinguishes between DDoS protection and simple overuse of a capped free service; Cloudflare doesn’t “add resources” for organic surges.
  • Several argue a small VPS with caching would easily handle HN-scale traffic; others note configuration and caching complexity.
  • Cloudflare is also criticized for privacy concerns and intrusive human-verification challenges.

Anecdotes and historical oddities

  • Stories include administrators sending mail from the bare TLD, a hidden dotless domain run inside a registrar, and short novelty domains/emails used in the 90s.
  • Vatican’s insistence on www.vatican.va (not vatican.va) is noted as a long-standing quirk and likely trigger for renewed interest in dotless domains.