From owner-freebsd-stable Tue Mar 25 15:16:18 2003 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0DABE37B404 for ; Tue, 25 Mar 2003 15:16:14 -0800 (PST) Received: from drugs.dv.isc.org (c17249.carlnfd1.nsw.optusnet.com.au [210.49.138.109]) by mx1.FreeBSD.org (Postfix) with ESMTP id 02AEF43FA3 for ; Tue, 25 Mar 2003 15:16:12 -0800 (PST) (envelope-from marka@drugs.dv.isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.12.8/8.12.7) with ESMTP id h2PL2d5Y025441; Wed, 26 Mar 2003 08:02:40 +1100 (EST) (envelope-from marka@drugs.dv.isc.org) Message-Id: <200303252102.h2PL2d5Y025441@drugs.dv.isc.org> To: Terry Lambert Cc: daved@nostrum.com, stable@FreeBSD.ORG From: Mark.Andrews@isc.org Subject: Re: Resolver Issues (non valid hostname characters) In-reply-to: Your message of "Tue, 25 Mar 2003 03:03:12 -0800." <3E803770.1DD7FD0@mindspring.com> Date: Wed, 26 Mar 2003 08:02:39 +1100 X-Spam-Status: No, hits=-5.8 required=5.0 tests=IN_REP_TO,NO_REAL_NAME,QUOTED_EMAIL_TEXT autolearn=ham version=2.50 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp) Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > David J Duchscher wrote: > > It seems that the use of invalid characters in hostnames is cropping > > up more and more. Besides complaining to the offending site which > > often doesn't work, I was wondering if these restrictions on FreeBSD > > should be re-examined. At this time, it seems that many OSes are no > > longer enforcing this requirement or never have. In my case, I am > > running into a hostnames with an underscore character in the name. It > > seems that Linux, MacOS X, Solaris and Windows all allow this hostname > > to resolve but FreeBSD, as well as the other *BSD, reject it. Should > > FreeBSD follow suit? > > Welcome to DNSINT. > > Specifically, restrictions were relaxed on the root level servers; > this was generally announced about a month ago. All data is 8-bit > now, but not all DNS servers can handle it (e.g. try putting a tab > or space or whatever in a zone name, which is now legal). 8 bit characters have ALWAYS been legal in the DNS. Hostnames when stored in the DNS are still restricted to the characterset specified in RFC 952. Letters, digits and hyphen (LDH) for the labels. > The root servers were mostly switched over to totally different > software from bind. 8-(. Really. The route operators would be very interested to know this. $ for s in a b c d e f g h i j k l m > do > echo $s `dig9 +short version.bind txt chaos +norec @$s.root-servers.net` > done a "VGRS2" b "8.2.5-REL" c "8.3.3-REL" d "8.3.1-REL" e "8.3.3-REL" f "9.2.2" g h "8.3.4-REL" i "8.2.3-REL" j "VGRS2" k l "BIND-8.3.1-MA-PATCH-JMB-01" m "8.3.4-REL" $ > The specific reasons were for support of Big5 due to increased > political pressure coming from China. See the ICANN web site > for details. > > Personally, I think it's to make it harder to cut-and-paste > domain names from SPAM to find the responsible party (chars > in Big5 don't go over very well in ISO 8859-1, and end up > being shell escapes, etc.). > > The answer is that it will have to be supported when DNSINT is > supported (but nit until then; significant resolver library > changes, which are not easy, are required, etc.). IDN (internationalised domain name) requires a translation layer ABOVE the DNS to translate the extended hostname range (which is not every UNICODE character) into LDH and back. > It's probably not very useful to talk about doing this until > local caching-only name servers on border servers are capable > of handling the 8-bit, as well. For the RFC's that FreeBSD > currently complies with, it's right to be strict about this. Nameservers and resolvers DO NOT need to be changed to support IDN. Applications need to know how and when to perform the translations. New / extended API's to lookup and return IDN's are needed. The application needs to know in advance that it is going to get IHN (internationalised hostname name) returned. IHN are a subset of IDN which when stored in the DNS is a subset of the legal hostnames which intern are a subset of all domainnames. > Mostly it's still about domain name speculation, and, IMO, > will be for a while. I'd say it's about as widely adopted as > IPv6 -- which is to say: not very. > > PS: I was on the DNSINT IETF working group for a while, FWIW. Well you obviously do not know what the consensus was or the correct title (IDN). For those that want the RFC's and current drafts see http://www.ietf.org/html.charters/idn-charter.html Mark > -- Terry > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message -- Mark Andrews, Internet Software Consortium 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews@isc.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message