Domain Names and the Internet of Things (IoT)

The Internet of Things (IoT) refers to the growing number of internet-connected devices and objects that collect and share data. Examples include smart home appliances, wearable devices, connected cars, industrial sensors, and more. As the IoT expands, so does the need for domain names and web addresses for all these connected “things.”

Domain names serve as unique identifiers on the internet, allowing devices and services to be easily accessible. With billions of new IoT devices coming online, the demand for domain names tailored to the IoT will increase dramatically. How this impacts the domain name industry and infrastructure is an important issue to examine.

This article will provide an overview of the IoT and its domain naming needs. Topics covered include:

  • What is the Internet of Things and key trends
  • Unique naming challenges for the IoT
  • New domain extensions for IoT identifiers
  • Managing massive numbers of domain names
  • IoT communication protocols and their domain requirements
  • DNS infrastructure demands for the IoT
  • ICANN policy considerations for IoT domains
  • Security and privacy issues with IoT domains
  • Outlook on the future of IoT domains

What is the Internet of Things?

The Internet of Things refers to the network of physical objects and devices around the world that are connected to the internet and can collect and exchange data. Examples of IoT devices include:

  • Smart home devices – Smart thermostats, security cameras, appliances, lighting systems, and more.
  • Wearables – Fitness trackers, smart watches, health monitoring devices.
  • Industrial sensors – Sensors that monitor manufacturing equipment, supply chains, logistics.
  • Smart city infrastructure – Traffic monitoring systems, water management systems, air quality sensors.
  • Connected vehicles – Vehicles with internet access that can send and receive diagnostic data.
  • Agricultural monitoring – Sensors that monitor soil conditions, crop growth, livestock.

Key traits of IoT devices are:

  • Connectivity – They can connect to the internet or other network via WiFi, cellular, Bluetooth, satellite, etc.
  • Sensors – They contain sensors that detect changes in conditions like temperature, location, sound, pressure.
  • Data exchange – They can gather data from their sensors and exchange it over networks.
  • Remote monitoring/control – They allow for remote monitoring of conditions and controlling devices from afar.
  • Identification – They have a unique identifier like an IP address to distinguish them from other devices.

According to IoT Analytics, there are 10 billion IoT devices deployed as of 2021, with that number expected to grow to 27 billion by 2025. The proliferation of smart devices in homes, industry, and cities is driving massive growth in the IoT. This is creating huge demand for IP addresses and internet connectivity for all these devices coming online.

Unique Naming Challenges for the IoT

The massive growth of the Internet of Things presents major challenges when it comes to assigning unique identifiers and names to each device. Some key naming challenges include:

Scale – With tens of billions of devices forecasted to connect to the internet in the coming years, there is a need to scale the naming system to handle huge numbers of IoT devices. The current DNS was not built to handle this capacity.

Address exhaustion – There is a limited number of possible IPv4 addresses, although IPv6 provides vast capacity. Still, naming systems will need to adapt to handle continued growth.

Identification – IoT devices need identifiers that are unique and remain stable over the lifetime of a device. This allows them to send and receive consistent data over years of operation.

Metadata – IoT identifiers may need to contain metadata like device type, location, manufacturer. This provides additional context about each device.

Security – IoT communication security will rely heavily on domain names and identifiers. They need to be secure from spoofing, hijacking, and manipulation attacks.

Simplicity – Device names need to be simple and human-readable where possible, not just random strings of numbers and letters. But this needs to be balanced with security.

Automation – With so many devices, naming processes will need to be automated as much as possible. Manual, human-driven processes won't scale.

Ownership – Questions around who owns and manages the identities of IoT devices connected to public networks will need to be addressed.

These IoT-specific naming challenges require adaptations to existing naming systems and DNS infrastructure as well as the development of new technologies and policies.

New Domain Extensions for IoT Identifiers

To provide unique internet identities for the huge numbers of new IoT devices, new top level domain names tailored specifically for IoT device identification are being introduced:

.iot – This new generic top level domain name was approved by ICANN in 2016 for the purposes of identifying internet-connected devices and objects. .iot domains can be used by IoT device manufacturers, service providers, or owners to provide unique device identities.

.asus, .apple, .samsung – Major IoT device vendors like Asus, Apple, and Samsung have been assigned their brand names as top level domains. This allows them to issue domains like mydevice.asus or to their products.

.airconditioner, .car, .toaster – Domains ending in the generic names of device types may also emerge as ways to easily identify IoT objects. While these likely won't be formally assigned as gTLDs, they could be used as subdomains.

IPv6 addresses – The vastly expanded addressing capacity of IPv6 provides enough address space to potentially give every IoT device its own IP address that could be used as part of its identity. Format options like reverse DNS could map these to human readable names.

In addition to these new domain options, existing TLDs like .com, .net and .info can be used for IoT device identities. However, new extensions provide more context that the device is part of the Internet of Things. They will be important in handling the scale of new devices connecting to networks in the coming years.

Managing Massive Numbers of Domain Names

With some predictions estimating over 100 billion IoT devices connected to the internet within the next 10 years, managing massive numbers of device names and domains will be a major challenge. Some key considerations around scale include:

Registrar capacity – Existing domain name registrars may need to expand their registration systems to handle large volumes of IoT domains. This could mean updating APIs, automating more of the process, and expanding DNS storage infrastructure.

DNS infrastructure updates – DNS servers will need increased capacity to store DNS records at scale and perform huge numbers of lookup queries. Expanded caching, new protocols like DNS over HTTPS, and more DNS providers can help manage demand.

New registry services – For new TLDs like .iot, there is an opportunity to build registries with custom capabilities tuned for IoT identifiers from the start. Features like automation, security extensions, and machine-readable APIs can be developed.

Coping with churn – With consumer IoT devices that may come and go from homes and businesses frequently, there will be large numbers of domains created and abandoned. Registry systems will need to cope with this churn rate.

Hierarchy/subdomains – Hierarchical naming systems using subdomains can help partition the DNS namespace to make lookup and management more efficient at scale. For example, home.iot and industry.iot.

Overall, existing DNS infrastructure will need to be extended with new IoT-focused features. Additional distributed DNS providers, redundancy, caching, security innovations, automation, and hierarchical naming conventions will help the DNS withstand the IoT explosion.

IoT Communication Protocols and Domain Requirements

IoT devices utilize various communication protocols to connect with each other and exchange data over the internet. The domain naming requirements vary across these different protocols:

AllJoyn – Open source IoT protocol by the AllSeen Alliance with a distributed architecture and support for service discovery between nearby devices. May benefit from multicast DNS (mDNS) and .local domains for device identities.

MQTT – Lightweight publish-subscribe messaging protocol for IoT. Uses central broker servers. Device client IDs are important identifiers that may map to domain names.

CoAP – Constrained Application Protocol designed for low power IoT devices. Supports UDP and confirmation messages between clients and servers. URI endpoint names needed.

AMQP – Advanced Message Queuing Protocol used in IoT for persistent messaging. Connection URLs identify queues and endpoints. Interoperability across brokers is important.

DDS – Data Distribution Service model for real-time IoT data exchange. Relies on domain and participant IDs for devices/processes wanting to share data.

XMPP – Extensible messaging protocol where each client has a unique XMPP identifier for exchange of XML messages between endpoints.

HTTP/REST – IoT devices increasingly support web protocols and REST APIs. Human-readable URLs identify API resources for HTTP requests.

These protocols rely on identifiers like URLs, URIs, client IDs, and XML IDs to enable device communications. The naming schemes for these IDs will need to scale alongside adoption of these protocols in the IoT industry.

DNS Infrastructure Demands for the IoT

The widespread use of internet protocols and web-based APIs in the IoT means that DNS infrastructure will be essential for reliable functionality. Some increased demands on DNS include:

  • High volumes of DNS queries to resolve large numbers of new device domain names and translate device IDs.

  • Low latency DNS lookups for time-sensitive IoT applications like autonomous vehicles or industrial controls.

  • Enhanced security such as DNSSEC to provide trusted domain identities and prevent man-in-the-middle attacks against IoT connections.

  • Support for DNS over HTTPS and encryption to protect IoT privacy and security.

  • Expanded DNS caching and capacity for rate limiting to handle massive query volumes.

  • New protocols like Multicast DNS for IoT device discovery in local networks.

  • Pervasive use of Reverse DNS lookup for mapping device IPs to names.

  • Integration of DNS with IoT platform services and API management systems.

  • DNS-based service discovery mechanisms tailored for dynamic IoT environments.

  • Federated/distributed DNS architectures to avoid single points of failure.

  • Increased automation in provisioning and maintaining DNS records as devices come online.

These and other DNS enhancements will be required to make the prevalent vision of an interconnected world of IoT devices a reality. The ability to uniquely identify and access each device using domains and URLs will be fundamental.

ICANN Policy Considerations for IoT Domains

ICANN, the organization that oversees top-level domain policies and DNS root zone registries, will need to consider several factors involved with introducing and managing new domains tailored for the IoT:

  • Clear justification for any proposed generic IoT-specific TLDs like .iot based on community need.

  • Policies that promote competition among IoT registries while avoiding monopolization.

  • Security and stability requirements specific to IoT devices that may be developed into registry/registrar agreements.

  • Processes to resolve potential trademark conflicts over new branded IoT domain proposals.

  • Analysis of market demand and technical requirements before approving TLDs for IoT verticals.

  • Mechanisms to expand available namespace in a coordinated fashion as IoT grows rather than too rapidly.

  • Functional accessibility needs for human users who must interact with IoT device names.

  • Allowance for creative naming solutions from the industry like URL/URI path conventions.

  • Reevaluating restrictions on qualifying domain name registrants for IoT purposes.

  • Promoting global interoperability and preventing fragmentation with IoT naming schemes.

A coordinated approach is needed between ICANN, registries, registrars, standards bodies and technology vendors to ensure domain systems meet both functional and policy goals as a foundation for the IoT.

Security and Privacy Issues with IoT Domains

As with any internet-connected system, there are key security and privacy considerations surrounding the implementation of naming schemes for Internet of Things devices:

  • IoT domain takeovers/hijacking could allow attackers to divert devices to malicious destinations or steal data.

  • Spoofing authoritative DNS records for IoT systems could undermine trusted communications.

  • Lack of encrypted DNS connections opens IoT data to privacy breaches and manipulation.

  • subdomain delegation policies need to ensure proper access control over device identities.

  • Exposed registration databases of IoT domains could reveal sensitive details like device locations.

  • Buggy IoT firmware relying on DNS names leaves devices open to DNS rebinding attacks.

  • Securely provisioning domain credentials on devices during manufacturing will be crucial.

  • Botnets compromise thousands of IoT devices to launch DDoS attacks – this can involve DNS exhaustion.

  • Phishing sites impersonate legitimate human-facing IoT device domains and portals.

  • Provisioning secure unique identities for DIY/homebrew IoT devices will be challenging.

Addressing these threats through technical measures like DNSSEC encryption, as well as policies promoting security best practices, is imperative as we expand connectivity to critical systems and physical infrastructure.

The Future of IoT Domains

Looking ahead, internet naming infrastructure will need to be increasingly tailored towards the scale and constraints of the Internet of Things. Some key predictions include:

  • Mainstream usage of new TLDs like .iot once cost and adoption challenges are overcome.

  • Shift towards domains managed through registries focused on automation and technical IoT requirements versus human users.

  • More brands/manufacturers wanting dedicated IoT subdomains separate from their existing web domains.

  • Potential for blockchain/distributed ledger technology to play a role in securing IoT DNS records and identities.

  • Demand for stronger encryption, access control and authentication baked into IoT naming architecture.

  • More intelligent, semantic-aware naming schemes that describe device metadata in identifiers.

  • Lightweight, compressed DNS message formats optimized for smaller IoT network packets.

  • Integration of naming services with common IoT protocol stacks and embedded OSes.

  • Use of DNS alternatives like multicast DNS only where centralized DNS doesn't meet specialized IoT needs.

  • Strategic partnerships between major IoT platform vendors and DNS providers to co-engineer solutions.

With so many emerging variables, IoT naming infrastructure has an uncertain but critical place in the broader evolution of industrial and consumer IoT markets.


As IoT adoption accelerates, there is a massive opportunity to proactively address the unique naming and identity challenges this vast network of devices, sensors, and gateways will present. Both existing DNS infrastructure and entirely new approaches tailored for machine-driven communication at scale have roles to play.

Collaboration between ICANN, ISPs, DNS providers, IoT vendors, and domain registries will be instrumental in navigating these challenges. With care and vision, we can build an interoperable foundation of IP addresses, URLs, and domain names that seamlessly connects the physical world. The Internet of Things will fundamentally reshape how we interact with all manner of devices and objects around us. But it can only reach its full potential if the global naming system evolves to meet its demands.

Recent Posts