ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Underscore considerations

2006-06-09 08:12:49

On Jun 9, 2006, at 7:32 AM, Paul Hoffman wrote:

At 8:53 PM -0700 6/8/06, SM wrote:
Hi Jim,
At 16:35 08-06-2006, Jim Fenton wrote:
Let's try to construct the problem case:  Suppose someone managed to
register _domainkey.com. They could then publish keys in that domain, and sign arbitrary messages on behalf of .com. That's obviously a Bad
Thing.

Domain names are limited to alphabetic characters, digits and hyphen.

No, *host names* are restricted to alphabetic characters, digits and hyphen. This has been discussed, ad nauseum, for decades.

No, *host names* are scarcely restricted at all. You may wish it were otherwise, but it's not the case. In particular, underscores are downright common in hostnames, and most DNS servers don't put any constraints on them. There are RFC requirements on them, sure, but most people naming hosts aren't aware of them, they're not enforced by software and nothing bad happens when you violate them.

About the only thing you can rely on is that most (all?) registries enforce those character restrictions in domains registered with them. Which, fortunately, is enough to avoid the _domainkey.com "problem".

Cheers,
  Steve

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html