On 2015-11-20 17:27, Peter Bowen wrote:
On Fri, Nov 20, 2015 at 7:32 AM, Kurt Roeckx <k...@roeckx.be> wrote:
On 2015-11-19 22:19, douglas.beat...@gmail.com wrote:
I realize I'm a little late to the game, but I had a question on the
maximum length. If I'm reading this correctly, it looks like you applied
the max length of 63 to the LABEL. Should it actually be to FQDN and
WILDCARD? Is it 63 or 64?
The label is limited to 63. I don't think there is an RFC that limits the
total FQDN, but rfc1123 says:
Host software MUST handle host names of up to 63 characters and
SHOULD handle host names of up to 255 characters.
covers it is more detail. 253 is the length you want to check
according to RFC 1034.
For some reason I missed this earlier in RFC 1034:
labels 63 octets or less
names 255 octets or less
To simplify implementations, the total length of a domain name (i.e.,
label octets and label length octets) is restricted to 255 octets or
dev-security-policy mailing list