Path:
ns3.vrx.net!news2.best.com!newsfeed.berkeley.edu!newsfeed.stanford.edu!news.isc.org!bsdi.dv.isc.org!not-for-mail
From: [EMAIL PROTECTED] (Mark Andrews)
Newsgroups: comp.protocols.tcp-ip.domains
Subject: Re: NSI may revoke 100's of domains
Date: 14 Jan 2000 16:36:00 +1100
Organization: Internet Software Consortium
Lines: 71
Distribution: inet
Message-ID: <85mck0$[EMAIL PROTECTED]>
References: <85kita$625$[EMAIL PROTECTED]>
<[EMAIL PROTECTED]> <85m28c$et6$[EMAIL PROTECTED]>
NNTP-Posting-Host: bb.rc.vix.com
X-Trace: isrv4.pa.vix.com 947827972 6096 204.152.187.11 (14 Jan 2000 05:32:52 GMT)
X-Complaints-To: [EMAIL PROTECTED]
NNTP-Posting-Date: 14 Jan 2000 05:32:52 GMT
Xref: ns3.vrx.net comp.protocols.tcp-ip.domains:9704
In article <85m28c$et6$[EMAIL PROTECTED]> [EMAIL PROTECTED] (Rahul Dhesi)
writes:
>In <[EMAIL PROTECTED]>
>[EMAIL PROTECTED] (Sam Wilson) writes:
>
>>In article <85kita$625$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>>(Rahul Dhesi) wrote:
>
>>>In <85kgdv$[EMAIL PROTECTED]> [EMAIL PROTECTED] (Mark Andrews) writes:
>>>
>>>> It doesn't to me. Aliases also have to follow hostname syntax.
>>>> see: RFC 952. Given that *only* record at webforward.ascio.net
>>>> is an A record. www.a-.com can therefore be assumed to be an
>>>> alias covered by RFC 952.
>>>
>>>The words 'cname' and 'alias' nowhere appear in RFC 952.
>
>>Correct, but the word "nickname" does. Same function.
>
>Well, maybe. But in any case, RFC 2181 supersedes RFC 952. And RFC 2181
>says:
RFC 2181 does NOT supersede RFC 952. The paragraph below applies
to DOMAINNAMES. HOSTNAMES, which are a subset of DOMAINNAMES, are
still restricted by RFC 952 & RFC 1123.
BIND is compliant with this paragraph apart from which way the
default is set for primary zones.
>
> The DNS itself places only one restriction on the particular labels
> that can be used to identify resource records. That one restriction
> relates to the length of the label and the full name. The length of
> any one label is limited to between 1 and 63 octets. A full domain
> name is limited to 255 octets (including the separators). The zero
> length full name is defined as representing the root of the DNS tree,
> and is typically written and displayed as ".". Those restrictions
> aside, any binary string whatever can be used as the label of any
> resource record. Similarly, any binary string can serve as the value
> of any record that includes a domain name as some or all of its value
> (SOA, NS, MX, PTR, CNAME, and any others that may be added).
> Implementations of the DNS protocols must not place any restrictions
> on the labels that can be used. IN PARTICULAR, DNS SERVERS MUST NOT
> REFUSE TO SERVE A ZONE BECAUSE IT CONTAINS LABELS THAT MIGHT NOT BE
> ACCEPTABLE TO SOME DNS CLIENT PROGRAMS. A DNS server may be
> configurable to issue warnings when loading, or even to refuse to
> load, a primary zone containing labels that might be considered
> questionable, however this should not happen by default.
>
>Note the emphasis, which I have added. The same RFC says
>a little while later:
>
> Clients of the DNS can impose whatever restrictions are appropriate o
> their circumstances on the values they use as keys for DNS lookup
> requests, and on the values returned by the DNS. If the client has
> such restrictions, it is solely responsible for validating the data
> from the DNS to ensure that it conforms before it makes any use of
> that data.
>
>So, a name like a-.com is valid in DNS, but you are free to write a
>program that refuses to use it.
>
>From the DNS perspective, every character value between 0 and 255 is
>valid.
>
>QED, EOP, EOD. Y2K.
>--
>Rahul Dhesi <[EMAIL PROTECTED]>
> See my UUNET spam mini-faq at:
> http://www.rahul.net/dhesi/uunet.faq.txt
