[10719] in bugtraq
Re: weaknesses in dns label decoding,
daemon@ATHENA.MIT.EDU (Brett Glass)
Fri Jun 4 14:27:48 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id: <4.2.0.56.19990604113019.0466d2e0@localhost>
Date: Fri, 4 Jun 1999 11:35:31 -0600
Reply-To: Brett Glass <brett@LARIAT.ORG>
From: Brett Glass <brett@LARIAT.ORG>
X-To: der Mouse <mouse@RODENTS.MONTREAL.QC.CA>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199906031551.LAA24753@Twig.Rodents.Montreal.QC.CA>
At 11:51 AM 6/3/99 -0400, der Mouse wrote:
> How is it a favor to anyone to allow some illegal names but not
>others?
It's a first step toward eliminating the root cause of the problem:
needlessly inconsistent standards.
It's counterintuitive, and inconsistent, that some characters (the
underscore in particular) are allowed in user names (that is, to the
left of the "@") but not in host names (to the right of the "@").
There's no reason for this inconsistency; it's perfectly reasonable
to use the same character set for both.
In short, the people who specify host names with underscores aren't
"idiots" (as a few people have called them in private e-mails) --
they just have perfectly reasonable expectations.
I think that the correct answer is to make the standards consistent
with one another. I'd also like to see an option that lets you specify,
to BIND, the character set it will accept for host names. This would
allow system administrators to let names with underscores pass
without throwing the baby (that is, other checks on the name) out
with the bath water. This option would be useful until the standards
are changed and new software versions become widespread.
--Brett Glass
