| Internet-Draft | forsalereg | January 2023 |
| Davids | Expires 30 July 2023 | [Page] |
This document defines a simple operational convention of using a reserved underscored node name ("_for-sale") to indicate that the parent domain name above, is for sale. It has the advantage that it can be easily deployed, without affecting any running operations. As such, the method can be applied to a domain name that is still in full use.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 30 July 2023.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Well-established services [RFC3912][RFC9083] exist to find out whether a domain name is registered or not. However, the fact that a domain name exists does mean that it cannot be obtained, because it may be up for sale.¶
Some registrars and various other parties offer (chargeable) mediation services between domain name holders and interested parties, but for domain names that are not for sale, such services would be a waste of money and time.¶
This specification defines a simple and universal way to find out if a domain name, even though it is taken, might be purchased nevertheless. It enables a domain name holder to add a reserved underscored node name [RFC8552] in the zone, indicating that the domain name is actually for sale.¶
The TXT record RRtype [RFC1035] that is created for that purpose MAY contain a pointer, such as a URI [RFC8820], to allow an interested party to find information or to get in touch with the domain owner and engage in further negotiations.¶
With due caution, such information can also be incorporated in the automated availability services, so that when a domain name is checked for availability, the service can also indicate whether or not it is for sale, including a pointer to the selling party's information.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
There are undoubtedly more ways to address this problem space. The reasons for the approach defined in this document are primarily accessibility and simplicity. The indicator can be easily turned on and off at will and moreover, it is available right away and does not require major changes in existing services. This allows for a smooth introduction of the concept.¶
The TXT [RFC8553] (Section 2.1) record MUST contain any valid content, ranging from an empty string to meaningful text or URIs. However, it SHALL NOT contain any text that suggests that the domain is not for sale. If a domain name is not for sale, the "_for-sale" indicator MUST NOT be used. Any existence of a "_for-sale" TXT record MUST therefore be regarded as an indication that the domain name is for sale.¶
This specification does not dictate the exact use of any content in the "_for-sale" TXT record, or the lack of any such content. Parties - such as Registries and Registrars - may use it in their tools, perhaps even by defining additional requirements that the content must meet. Alternatively, an individual can use it in combination with existing tools to make contact with the seller.¶
The content of the TXT record is "as is" and characters such as ";" between two URIs for example, have no defined meaning. It is up to the processor of the content to decide how to handle it.¶
This specification does not define any restrictions on the number of TXT records in the RRset, although it is recommended to limit it to one. It is also recommended that the length of the RDATA [RFC8499] does not exceed 255 bytes. When the RRset contains multiple records, or exceeds 255 bytes, it is at the discretion of the processor to make a selection. For example, a registry might pick a mandatory URI from the RRset to display on a website as part of its service, while an individual might just pick a phone number (if present) and dial it to make contact with a potential seller.¶
Adding any other RR types under the "_for-sale" leaf but TXT is NOT RECOMMENDED and they MUST be ignored for the purpose of this document.¶
A TTL longer than 86400 is NOT RECOMMENDED. Long TTLs increase the chance of outdated information, which can give potential buyers the idea that the domain name is still for sale when it is not.¶
The "_for-sale" leaf MUST NOT be a wildcard.¶
The "_for-sale" leaf MAY be a CNAME pointing to a TXT RRtype.¶
The "_for-sale" leaf node name MAY be placed on the top level domain, or any domain directly below. It MAY also be placed at a lower level, but only when that level is mentioned in the Public Suffix List [PSL].¶
Any other placement of the record MUST NOT be regarded as a signal that the domain above it is for sale.¶
See Table 1 for further explanation.¶
| Name | Situation | Verdict |
|---|---|---|
| _for-sale.example | root zone | For sale |
| _for-sale.aaa.example | Second level | For sale |
| _for-sale.co.bbb.example | bbb.example in PSL | For sale |
| _for-sale.www.ccc.example | Other | Invalid |
The owner of 'example.com' wishes to signal that the domain is for sale and adds this record to the 'example.com' zone:¶
_for-sale.example.com. IN TXT "https://example.com/forsale.html"¶
An interested party notices this signal and can visit the URI mentioned for further information. The TXT record can also be processed by automated tools, but see the Security Considerations section for possible risks.¶
As an alternative, a mailto: URI could also be used:¶
_for-sale.example.com. IN TXT "mailto:owner@example.com"¶
Or a telephone URI:¶
_for-sale.example.com. IN TXT "tel:+1-201-555-0123"¶
There can be a use case for a telephone URI, especially since WHOIS (or RDAP) often has privacy restrictions.¶
Free format text:¶
_for-sale.example.com. IN TXT "I'm for sale: info [at] example.com"¶
The content in the next example could be malicious, but it is not in violation of this specification (see Section 7):¶
_for-sale.example.com. IN TXT "<script>alert('H4x0r')</script>"
¶
IANA has established the "Underscored and Globally Scoped DNS Node Names" registry [RFC8552][IANA]. The underscored node name defined in this specification should be added as follows:¶
+-----------+--------------+-------------+
| RR Type | _NODE NAME | Reference |
+-----------+--------------+-------------+
| TXT | _for-sale | TBD |
+-----------+--------------+-------------+
There is a risk of data scraping, such as email addresses and phone numbers.¶
One use of the TXT record type defined in this document is to parse the content it contains and to automatically publish certain information from it on a website or elsewhere. However, there is a risk involved in this if the domain owner publishes a malicious URI or one that points to improper content. This may result in reputational damage for the party parsing the record.¶
Even worse is a scenario in which the content of the TXT record is not validated and sanitized sufficiently, opening doors to - for example - XSS attacks among other things.¶
Therefore, it is RECOMMENDED that any parsing and publishing is conducted with the utmost care.¶
There is also a risk that this method will be abused as a marketing tool, or to otherwise lure individuals into visiting certain sites or attempting other forms of contact, without there being any intention to actually sell the particular domain name. Therefore, it is recommended that this method is primarily used by professionals.¶
The concept described in this document is in use with the .nl ccTLD registry.¶
[note to editor: please remove this section before publication]¶
The author would like to thank Thijs van den Hout, Caspar Schutijser, Melvin Elderman and Paul Bakker for their valuable feedback.¶