cvs commit: src/lib/libc/resolv res_comp.c

Wes Peters wes at opensail.org
Mon Feb 18 10:49:58 PST 2008


On Feb 18, 2008, at 6:38 AM, Guy Helmer wrote:

> Xin LI wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> M. Warner Losh wrote:
>> I don't think it would be the end of world if we allow _ in host  
>> names.
>> All other (lame) OSes allows it, their resolver just accepts this
>> character and give the answer, actually, I would be very surprised  
>> if it
>> can still cause any real world attack nowadays.
>>
> Are we talking about hostnames specifically, or domain name  
> components in general?
>
> I've been recently looking at DomainKeys, and underscores appear to  
> be typically used in the domain components for domain keys TXT  
> records (example below from http://www.elandsys.com/resources/sendmail/domainkeys.html) 
> :
> mail._domainkey.example.com. IN TXT "k=rsa; t=y;
>            
> p=MEwwPQRJKoZIhvcNADAQCQADOwAwOAIxANPpYHdE2tevfEpvL1Tk2dDYv0pF28/ 
> f5MxU83x/0b
>           sn4R4p7waPaz1IbOGs/6bm5QIDAQAB"

Other systems, including mDNS and zeroconf, rely on underscores in  
domain components as well. Underscores in domain names are a de jure  
standard, in the hostname a de facto standard.

--
            Where am I, and what am I doing in this handbasket?
Wes Peters                                                     wes at opensail.org




More information about the cvs-src mailing list