Home page logo
/

nanog logo nanog mailing list archives

Re: Sprint's slashes (was Re: Anybody from PSI?!?!?!)
From: Paul A Vixie <paul () vix com>
Date: Fri, 03 Jan 1997 15:01:07 -0800

Anyway, we are unlikely to change this stuff until it gets annoying for
ousrselves, sorry.

"Welcome to the new internet."

On the other note - MHO is it was a Bad Idea to put these checks into the
resolver library. No objections towards having it as an option in the code
for primary zones in name servers, though.

We debated this for a long while.  It turns out that a lot of applications
don't check the results of the names they get back from gethostbyaddr(), and
that the architecturally pure solution would have meant letting these older
applications, and their users, burn.  I wasn't willing to do that.  There was
a CERT advisory about sendmail's queue files and PTR RRs that included \n
characters, but there was no CERT advisory about the various applications who
expand DNS names on shell command lines.  Yes, the authors of those scripts
should be shot.  (Especially whoever wrote Vixie Cron.)  But something would
have to be done about Java as well.  And who knew what else?  It was not worth
skewering the universe to maintain the purity of the design.  So, we put the
checking in at several levels.

Check out draft-andrews-dns-hostnames-03.txt for more info on this subject.
- - - - - - - - - - - - - - - - -


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]