On 2015-11-20 17:27, Peter Bowen wrote:
On Fri, Nov 20, 2015 at 7:32 AM, Kurt Roeckx <k...@roeckx.be> wrote:
On 2015-11-19 22:19, douglas.beat...@gmail.com wrote:

I realize I'm a little late to the game, but I had a question on the
maximum length.  If I'm reading this correctly, it looks like you applied
the max length of 63 to the LABEL.  Should it actually be to FQDN and
WILDCARD?  Is it 63 or 64?

The label is limited to 63. I don't think there is an RFC that limits the
total FQDN, but rfc1123 says:

  Host software MUST handle host names of up to 63 characters and
  SHOULD handle host names of up to 255 characters.

covers it is more detail.  253 is the length you want to check
according to RFC 1034.

For some reason I missed this earlier in RFC 1034:
  labels          63 octets or less

  names           255 octets or less


  To simplify implementations, the total length of a domain name (i.e.,
  label octets and label length octets) is restricted to 255 octets or

dev-security-policy mailing list

Reply via email to