ICANN Board Votes to Launch New Generic Top-Level Domains

What does this mean to my active directory installation?
Well if you have installed your active directory domain with an internal dns name of .local, as many of us have, then you will want to purchase this domain when/if a provider (such as registar.com or network solutions or godaddy) makes the .local available.
Why?
When you create any ssl certificate request and send it off for approval, you MUST own those domains in order to get the cert request approved.
Right now, the .local does not exist on the internet, so the cert company says, yea,  no problem, .local is fake.
This is especially important when purchasing certificates with subject alternate names (SAN), like Exchange and Lync. The certificate has names of the external and internal domain names on it.

I know of a few clients who generically call the domain AD.LOCAL and obviously don’t own that name because it’s not for purchase…. yet.

At some point, GoDaddy or Registar or NetworkSolutions will purchase the .local top level domain and then there will be a rush to purchase your internal domain name.
I wish ICANN would have addressed the .local and consider it internal, like how 192.168.0.0 address is in IP addressing.
Maybe that’s one reason to have the internal domain name match the external domain name…. or at least owning both names.

Advertisements

About Mike

owner of blog
This entry was posted in Active Directory, PKI. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s