0

I recall that there is a list of hosting domains that are known to have subdomains from different sources, as for example wix.com and appspot.com, built into browsers. For such domains, subdomains do not inherit trust from the domain.

I forget the name of the list. What is it called?

Joshua Fox
  • 239
  • 1
  • 10
  • 1
    It sounds like you are describing DNS SOA records. – schroeder Sep 03 '20 at 12:18
  • Thank you. Do SOA records say in effect "foo.wix.com and bar.wix.com do not really belong to wix.com, so you should not extend any trust you have in wix.com to these subdomains"? I am not seeing from documentation that SOA has that purpose. – Joshua Fox Sep 03 '20 at 12:26
  • 1
    What kind of trust are you talking about? CORS? SEO? SPF? DMARC? – schroeder Sep 03 '20 at 12:30
  • 2
    If foo.wix.com and bar.wix.com each point to a different hosts, you would be able to see this from the A records for each of these FQDN's. But, I'm not sure what you mean by the term 'belong' in your comment above. And, I also have the same question as @schroeder with regard to what you mean by extending trust. In terms of PKI, wix.com can get a valid CA-signed cert for any subdomain under wix.com (foo.wix.com, bar.wix.com), etc. But, if your referring to same-origin policy (SOP), the the browser will not allow cross site requests across different subdomains of wix.com. – mti2935 Sep 03 '20 at 13:13

1 Answers1

3

It sounds like you want The Public Suffix List. It covers things like wix.com and dyndns.org where subdomains are under individual control, and national TLDs some of which have very insteresing heirachies.

https://publicsuffix.org/

It is used my Mozilla to limit the scope of cookies (and probably for other things too)

Jasen
  • 834
  • 5
  • 8