[142170] in North American Network Operators' Group
Re: unqualified domains, was ICANN to allow commercial gTLDs
daemon@ATHENA.MIT.EDU (Jeremy)
Sun Jun 19 20:31:47 2011
In-Reply-To: <20110620000845.F01AE10EAA6B@drugs.dv.isc.org>
Date: Sun, 19 Jun 2011 19:30:58 -0500
From: Jeremy <jbaino@gmail.com>
To: Mark Andrews <marka@isc.org>
Cc: Paul Vixie <vixie@isc.org>, nanog@nanog.org, tech@dk-hostmaster.dk
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
"DK" may not be hierarchical, but "DK." is. If you try to resolve "DK" on
it's own, many (most? all?) DNS clients will attach the search string/domain
name of the local system in order to make it a FQDN. The same happens when
you try and resolve a non-existent domain. Such as
alskdiufwfeiuwdr3948dx.com, in wireshark I see the initial request followed
by alskdiufwfeiuwdr3948dx.com.gateway.2wire.net. However if I qualify it
with the trailing dot, it stops after the first lookup. DK. is a valid FQDN
and should be considered hierarchical due to the dot being the root and
anything before that is a branch off of the root. see RFC1034
-Jeremy
On Sun, Jun 19, 2011 at 7:08 PM, Mark Andrews <marka@isc.org> wrote:
>
> In message <g339j59ywz.fsf@nsa.vix.com>, Paul Vixie writes:
> > Adam Atkinson <ghira@mistral.co.uk> writes:
> >
> > > It was a very long time ago, but I seem to recall being shown
> http://dk,
> > > the home page of Denmark, some time in the mid 90s.
> > >
> > > Must I be recalling incorrectly?
> >
> > no you need not must be. it would work as long as no dk.this or dk.that
> > would be found first in a search list containing 'this' and 'that', where
> > the default search list is normally the parent domain name of your own
> > hostname (so for me on six.vix.com the search list would be vix.com and
> > so as long as dk.vix.com did not exist then http://dk/ would reach
> "dk.")
> > --
> > Paul Vixie
> > KI6YSY
>
> DK should NOT be doing this. DK is *not* a hierarchical host name
> and the address record should not exist, RFC 897. The Internet
> stopped using simple host names in the early '80s. In addition to
> that it is a security issue similar to that described in RFC 1535.
>
> Mark
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
>
>
