--mvpLiMfbWzRoNl4x
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Jul 07, 2008 at 11:28:05PM -0400, Keith Moore wrote:
The site-dependent interpretation of the name is determined not by the
presence of dot within the name but its absence from the end.=20
=20
not so. in many contexts the trailing dot is not valid syntax.
Let me be precise. The resolver treats those names differently because
it was handed a name that did or did not end in a dot - the resolver's
syntax for absolute vs. relative pathname. I understand that may
conflict with application syntax. Applications that do not support an
explicit notation for absolute domain names will not be able to look
them up when those names are masked by site-dependent resolution of
relative names. Both "hk" and "www.isi.deterlab.net" are relative
names and subject to masking.
The (some) resolver handles names differently if it contains a dot.
pet.com is lookup up as pet.com FIRST then "pet.<search-element>".
pet is looked up as "pet.<search-element>" FIRST and "pet" LAST.
The above heuristics worked reasonably well in a IPv4 only
world where tld's weren't turning back the clock and trying
to make make single label hostnames work in a global context.
There is a good case to be made that "pet" should *never*
be looked up as plain "pet" if there is not a match on the
search list.
There is a good case to be made that "pet.com" should never
be looked up against the search list.
I understand that such maskings are more intuitive with short names like
"hk", but that limitation of the application interface applies to any
relative domain name.
The only reason to want single labels to be looked up "as
is" is reverse the clock and support deprecated naming
schemes.
I don't buy "unreliable" as a diagnosis for that state of affairs. "hk"
operates exactly as any other DNS name with respect to search path.=20
=20
search path isn't the only factor here.
Understood. It was the objection I was responding to, though.
=20
there are also protocol specifications that expect DNS names to have=20
dots in them.
One could argue that such protocols are not able to express all valid
domain names, which may be a feature. :-)
That's probably a longer discussion than I want to have though, so I
agree that this is a stumbling block.
=20
there are also software implementations that use the presence/absence of=
=20
a dot to distinguish a DNS name from some other kind of name. in any=20
context where both a DNS name and something else can appear, it's useful=
=20
to be able to distinguish the two - and the presence/absence of a dot is=
=20
about the only test that works.
I'm sure that there are plenty of apps that break here, and certainly
some protocols that have been specified that way, and I feel the pain of
backward compatibility. If I were running the website at hk, I'd
publicize the conventional DNS names and not hk. =20
I really didn't intend to get as deeply into this as I did. I was
honestly intrigued by a 2-letter hostname and wanted to see if it really
worked, as I could see no reason it wouldn't. For me it did.
I understand that your resolver, server, and application may all prevent
it. I also understand that using such names may sow confusion among
those who don't care to examine the workings of their DNS set-up. And
that any confusion about computers is set upon by the unscrupulous to
gather money. Encouraging TLD hostnames as a matter of policy is more
complex than noting that the DNS specifications allow such a thing.
It's clear that single label host names are not supposed
to be used in a global context anymore. Just because nobody
wrote down "Don't add a A or MX record at the apex of a
TLD" doesn't mean that adding one was expected or desired.
There are lots of things we do and don't expect infrastructure
zone operators to do that differ from end user zones. Most
of these are not codified.
Mark
But it was pretty cool. :-)
--=20
Ted Faber
http://www.isi.edu/~faber PGP: http://www.isi.edu/~faber/pubkeys.=
asc
Unexpected attachment on this mail? See http://www.isi.edu/~faber/FAQ.html#=
SIG
--mvpLiMfbWzRoNl4x
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)
iEYEARECAAYFAkhzo2wACgkQaUz3f+Zf+XsK4QCg2VpDMr/fF1VnBGzx7Pa4dRgs
/0kAoJCVm5WBUIpZrAIvdIa3A2E1Gdtb
=x6uM
-----END PGP SIGNATURE-----
--mvpLiMfbWzRoNl4x--
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews(_at_)isc(_dot_)org
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf