On Jul 30 2015, Barry Margolin wrote:
In article <mailman.2375.1438232213.26362.bind-us...@lists.isc.org>,
Mark Andrews <ma...@isc.org> wrote:
[... snip ...]
Then iOS (or the application) is broken. Domain names should always
be compared case insensitively. Please report a bug to the app
vendor and / or Apple.
Isn't this the DNS 0x20 security enhancement? Clients send a random mix
of case, and check that the response matches, to protect against spoofed
responses.
https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
You must distinguish between the copy of the query in the reply packet,
which BIND (like nearly all implementations) does copy exactly from the
query, and the owner field used in the answer section, which recent
versions of BIND make the same as that loaded from zone file (when
authoritative), or as received from an authoritative nameserver (when
from the cache).
--
Chris Thompson
Email: c...@cam.ac.uk
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
