cvs commit: src/lib/libc/resolv res_comp.c
Wes Peters
wes at opensail.org
Mon Feb 18 10:49:58 PST 2008
On Feb 18, 2008, at 6:38 AM, Guy Helmer wrote:
> Xin LI wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> M. Warner Losh wrote:
>> I don't think it would be the end of world if we allow _ in host
>> names.
>> All other (lame) OSes allows it, their resolver just accepts this
>> character and give the answer, actually, I would be very surprised
>> if it
>> can still cause any real world attack nowadays.
>>
> Are we talking about hostnames specifically, or domain name
> components in general?
>
> I've been recently looking at DomainKeys, and underscores appear to
> be typically used in the domain components for domain keys TXT
> records (example below from http://www.elandsys.com/resources/sendmail/domainkeys.html)
> :
> mail._domainkey.example.com. IN TXT "k=rsa; t=y;
>
> p=MEwwPQRJKoZIhvcNADAQCQADOwAwOAIxANPpYHdE2tevfEpvL1Tk2dDYv0pF28/
> f5MxU83x/0b
> sn4R4p7waPaz1IbOGs/6bm5QIDAQAB"
Other systems, including mDNS and zeroconf, rely on underscores in
domain components as well. Underscores in domain names are a de jure
standard, in the hostname a de facto standard.
--
Where am I, and what am I doing in this handbasket?
Wes Peters wes at opensail.org
More information about the cvs-src
mailing list