On 6/19/12 9:24 AM, Zack Weinberg wrote:
I think we do need our own DNS resolver eventually (mostly because DNSSEC) but it's not necessary for this. We'd just have to refuse to do the DNS query at all for URLs whose hostname component did not contain a dot, and/or which was equal to or a suffix of an entry in the public suffix list.
There's also the fun case of intranets using things like "benefits.corp". This was widely deployed at Sun Microsystems, which had a number of such partially-qualified internal domains (eg .corp, .eng, ..sfbay). Including the confusion-inducing ".ebay" (for "east bay"). Where should "checkit.ebay" go, hmm? :)
I found an old page that references a number of these... http://www.geocities.ws/lenin_salvador/sun_bookmarks.html
Justin _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
