Paul Vixie <[email protected]> wrote: > > while i've generally included a localhost.$ORIGIN A RR in zones that appear in > my stub resolver search lists, in order that "localhost" be found,
I agree with the rest of your message but I want to highlight this bit because it is directly related to the main reason this draft exists. Your localhost records (like the ones I deleted from cam.ac.uk last week) are troublesome for the web browser same origin security policy: they can lead to vulnerabilites when your websites are accessed from multi-user machines and in other more obscure circumstances - for details, see http://seclists.org/bugtraq/2008/Jan/270 Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ - I xn--zr8h punycode Tyne, Dogger: Westerly backing southeastrly 4 or 5, occasionally 6 at first, then becoming cyclonic, mainly northwesterly later, 6 to gale 8, occasionally severe gale 9 later in south. Moderate or rough, occasionally very rough later in south. Rain. Good occasionally poor. _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
