Date:      Wed, 26 Mar 2003 08:32:02 +1100
From:      Mark.Andrews@isc.org
To:        "Kevin Oberman" <oberman@es.net>
Cc:        David J Duchscher <daved@nostrum.com>, Terry Lambert <tlambert2@mindspring.com>, stable@FreeBSD.ORG
Subject:   Re: Resolver Issues (non valid hostname characters) 
Message-ID:  <200303252132.h2PLW25Y025697@drugs.dv.isc.org>
In-Reply-To: Your message of "Tue, 25 Mar 2003 12:44:23 -0800." <20030325204423.1EEAA5D07@ptavv.es.net> 


> > Date: Tue, 25 Mar 2003 14:07:24 -0600
> > From: David J Duchscher <daved@nostrum.com>
> > Sender: owner-freebsd-stable@FreeBSD.ORG
> > 
> > On Tuesday, March 25, 2003, at 05:03  AM, Terry Lambert wrote:
> > 
> > > It's probably not very useful to talk about doing this until
> > > local caching-only name servers on border servers are capable
> > > of handling the 8-bit, as well.  For the RFC's that FreeBSD
> > > currently complies with, it's right to be strict about this.
> > 
> > I think this is the wrong approach to take with this problem.
> > Linux, Windows, and Solaris do not enforce this restriction.  If
> > RFC 952 is being thrown out the window, then why should FreeBSD
> > continue to enforce this restriction?  At the moment, the
> > problems I am seeing have little to do with 8-bit data but
> > characters outside of what RFC 952 allows.
> 
> It should be noted that this limitation was in RFC952 which is not a DNS
> specification. See RFC2181. I think our implementation is simply
> broken.
> 
>    The DNS itself places only one restriction on the particular labels
>    that can be used to identify resource records.  That one restriction
>    relates to the length of the label and the full name.  
>    [...]
>    Those restrictions
>    aside, any binary string whatever can be used as the label of any
>    resource record.  Similarly, any binary string can serve as the value
>    of any record that includes a domain name as some or all of its value
>    (SOA, NS, MX, PTR, CNAME, and any others that may be added).
>    Implementations of the DNS protocols must not place any restrictions
>    on the labels that can be used.  In particular, DNS servers must not
>    refuse to serve a zone because it contains labels that might not be
>    acceptable to some DNS client programs.  A DNS server may be
>    configurable to issue warnings when loading, or even to refuse to
>    load, a primary zone containing labels that might be considered
>    questionable, however this should not happen by default.

	gethostby*(), get*info() all talk RFC 952.  They use the
	DNS as a database to store records in as they use /etc/hosts
	and NIS.  gethostbyaddr() and gethostinfo() should not be
	returning names that don't comply with RFC 952.

	Like most people you are confusing hostnames and domainnames.
	They are NOT the same things.  They are in fact overlapping
	sets.  There are legal hostnames that cannot be stored in
	the DNS and there are domainnames that are not hostnames.

	Checking the results returned from a public database is
	good engineering practice.  NIS and /etc/hosts are local
	databases and can be assumed to be correct.

	Mark

> R. Kevin Oberman, Network Engineer
> Energy Sciences Network (ESnet)
> Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
> E-mail: oberman@es.net			Phone: +1 510 486-8634
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews@isc.org
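
The check on names returned from the DNS that the message above argues for, as an added example that is not part of the original e-mail or of FreeBSD's resolver code. `hostname_ok()` is a hypothetical helper; it assumes the RFC 952 letter-digit-hyphen syntax as relaxed by RFC 1123 (a label may start with a digit) and the DNS length limits of 63 bytes per label and 253 for the whole name. A caller would apply it to a name obtained from a reverse lookup, which is set by whoever operates the reverse zone, before logging it or using it in an access decision.

```c
#include <stdio.h>
#include <string.h>

static int ldh_alnum(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9');
}

/* hostname_ok() is a hypothetical helper, not FreeBSD's resolver code.
 * Returns 1 if name is a syntactically valid hostname, else 0. */
int hostname_ok(const char *name)
{
    size_t len, i, label_len = 0;
    unsigned char prev = '.';

    if (name == NULL)
        return 0;
    len = strlen(name);
    if (len > 0 && name[len - 1] == '.')   /* one trailing dot is allowed */
        len--;
    if (len == 0 || len > 253)
        return 0;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c == '.') {
            if (label_len == 0 || prev == '-')  /* empty label, or "foo-." */
                return 0;
            label_len = 0;
        } else if (ldh_alnum(c) || (c == '-' && label_len > 0)) {
            if (++label_len > 63)
                return 0;
        } else {
            return 0;   /* leading '-', '_', space, control or 8-bit byte */
        }
        prev = c;
    }
    return label_len > 0 && prev != '-';
}

int main(void)
{
    /* Constructed sample names, as a caller might see in hp->h_name. */
    const char *samples[] = { "mail.example.org", "3com.example",
        "my_host.example.org", "-bad.example", "a..b", "caf\xc3\xa9.example" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-22s %s\n", samples[i], hostname_ok(samples[i]) ? "ok" : "rejected");
    return 0;
}
```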
