Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Br 20240930 update #2192

Merged
merged 7 commits into from
Sep 30, 2024
Merged

Br 20240930 update #2192

merged 7 commits into from
Sep 30, 2024

Conversation

fnevesbr
Copy link
Contributor

Public Suffix List (PSL) Submission

Checklist of required steps

  • Description of Organization

  • Robust Reason for PSL Inclusion

  • DNS verification via dig

  • Run Syntax Checker (make test)

  • This request was not submitted with the objective of working around other third-party limits.

  • The submitter acknowledges that it is their responsibility to maintain the domains within their section. This includes removing names which are no longer used, retaining the _psl DNS entry, and responding to e-mails to the supplied address. Failure to maintain entries may result in removal of individual entries or the entire section.

  • The Guidelines were carefully read and understood, and this request conforms to them.

  • The submission follows the guidelines on formatting and sorting.

Description of Organization

Nic.br a private not-for-profit organization operating Internet Infrastructure in Brazil.

I'm the CTO and tec contact for .br.

Organization Website:
https://nic.br/who-we-are/
.br registry website - https://registro.br/

Reason for PSL Inclusion

Two new 2nd level domains

Number of users this request is being made to serve:
Estimated thousands

leilao.br with already 256 delegated zones.
bet.br will start provisioning soon as it will be used as a "safe haven" only by goverment authorized gamimg plataforms.

DNS Verification

Registry provisioning system doesn't support the inclusion of _psl TXT records at the zone. The two zones are already provisioned and DNSSEC proof their existence and validity.

~> dig @a.dns.br bet.br soa +dnssec +multi +norec

; <<>> DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu <<>> @a.dns.br bet.br soa +dnssec +multi +norec
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28893
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1232
; COOKIE: 888c4a01178980d00100000066fab5dc45e3b226f9e040b8 (good)
;; QUESTION SECTION:
;bet.br.			IN SOA

;; ANSWER SECTION:
bet.br.			172800 IN SOA a.dns.br. hostmaster.registro.br. (
				2024274346 ; serial
				1800       ; refresh (30 minutes)
				900        ; retry (15 minutes)
				604800     ; expire (1 week)
				900        ; minimum (15 minutes)
				)
bet.br.			172800 IN RRSIG	SOA 13 2 172800 (
				20241014142511 20240930132511 25854 bet.br.
				SbuhG9Sk+SsFNBlmhp/mSwM7UGpx6Ma+6zQtZTG2P8an
				iA33pinhlj0mq6CJFtk6NKW523fLHUvErgrFPqDvdA== )

;; Query time: 1 msec
;; SERVER: 2001:12f8:6::10#53(a.dns.br) (UDP)
;; WHEN: Mon Sep 30 11:29:48 -03 2024
;; MSG SIZE  rcvd: 227

~> drill -S bet.br soa
;; Number of trusted keys: 1
;; Chasing: bet.br. SOA


DNSSEC Trust tree:
bet.br. (SOA)
|---bet.br. (DNSKEY keytag: 25854 alg: 13 flags: 257)
    |---bet.br. (DS keytag: 25854 digest type: 2)
        |---br. (DNSKEY keytag: 62539 alg: 13 flags: 256)
            |---br. (DNSKEY keytag: 38298 alg: 13 flags: 257)
            |---br. (DS keytag: 38298 digest type: 2)
                |---. (DNSKEY keytag: 20038 alg: 8 flags: 256)
                    |---. (DNSKEY keytag: 20326 alg: 8 flags: 257)
;; Chase successful

~> dig @a.dns.br leilao.br soa +dnssec +multi +norec

; <<>> DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu <<>> @a.dns.br leilao.br soa +dnssec +multi +norec
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29441
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1232
; COOKIE: 110d763acdcad6de0100000066fab5e199e6782d6512cd4e (good)
;; QUESTION SECTION:
;leilao.br.		IN SOA

;; ANSWER SECTION:
leilao.br.		172800 IN SOA a.dns.br. hostmaster.registro.br. (
				2024274346 ; serial
				1800       ; refresh (30 minutes)
				900        ; retry (15 minutes)
				604800     ; expire (1 week)
				900        ; minimum (15 minutes)
				)
leilao.br.		172800 IN RRSIG	SOA 13 2 172800 (
				20241014142510 20240930132510 25854 leilao.br.
				wY+GW3nr9gP1jjmHsaQKE37EV9z5aYcM2NFpTCmoyQKv
				tWfQpM8tBXhflsJ5EbGQr3rd632cgzpF592tdVCfjA== )

;; Query time: 1 msec
;; SERVER: 2001:12f8:6::10#53(a.dns.br) (UDP)
;; WHEN: Mon Sep 30 11:29:53 -03 2024
;; MSG SIZE  rcvd: 233

~> drill -S leilao.br soa
;; Number of trusted keys: 1
;; Chasing: leilao.br. SOA


DNSSEC Trust tree:
leilao.br. (SOA)
|---leilao.br. (DNSKEY keytag: 25854 alg: 13 flags: 257)
    |---leilao.br. (DS keytag: 25854 digest type: 2)
        |---br. (DNSKEY keytag: 62539 alg: 13 flags: 256)
            |---br. (DNSKEY keytag: 38298 alg: 13 flags: 257)
            |---br. (DS keytag: 38298 digest type: 2)
                |---. (DNSKEY keytag: 20038 alg: 8 flags: 256)
                    |---. (DNSKEY keytag: 20326 alg: 8 flags: 257)
;; Chase successful

Results of Syntax Checker (make test)

> make test
cd linter;                                \
  ./pslint_selftest.sh;                     \
  ./pslint.py ../public_suffix_list.dat;
test_allowedchars: OK
test_dots: OK
test_duplicate: OK
test_exception: OK
test_NFKC: OK
test_punycode: OK
test_section1: OK
test_section2: OK
test_section3: OK
test_section4: OK
test_spaces: OK
test_wildcard: OK

dnsguru
dnsguru approved these changes Sep 30, 2024
View reviewed changes
Copy link
Member

@dnsguru dnsguru left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Tests pass
  • DNS Validated
  • Conforming entry
  • No Conflict with base

Also:

  • Confirmed to be IANA contact for .br

Approved

@dnsguru dnsguru added r=dnsguru Marked as approved and ready to merge by @dnsguru ✔️DNS _psl Validated RFC 8553 Entries were present, matching PR# ✔️Sorting Validated https://github.com/publicsuffix/list/wiki/Guidelines#sort-your-submission-correctly-important 🚩ICANN (IANA/ICP-3) Section PR changes in the ICANN/IANA section typically reserved for TLDs. labels Sep 30, 2024
@dnsguru dnsguru self-assigned this Sep 30, 2024
@dnsguru dnsguru merged commit 8a487b3 into publicsuffix:master Sep 30, 2024
2 checks passed
@fnevesbr
Copy link
Contributor Author

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dnsguru dnsguru dnsguru approved these changes

Assignees

@dnsguru dnsguru

Labels
✔️DNS _psl Validated RFC 8553 Entries were present, matching PR# 🚩ICANN (IANA/ICP-3) Section PR changes in the ICANN/IANA section typically reserved for TLDs. r=dnsguru Marked as approved and ready to merge by @dnsguru ✔️Sorting Validated https://github.com/publicsuffix/list/wiki/Guidelines#sort-your-submission-correctly-important
Projects
List Add/Mod/Del
Status: Done or Won't
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fnevesbr @dnsguru