Hi -

>From: Ladislav Lhotka <[email protected]>
>Sent: Aug 17, 2015 6:12 AM
>To: [email protected]
>Subject: [netmod] domain-name
>
>Hi,
>
>it seems the typedef "domain-name" in the "ietf-inet-types" (RFC 6991)
>is too restrictive: characters in domain names are not limited to
>[a-zA-Z0-9_]. RFC 2181 says:

Well, it's obviously missing "-", which is a perfectly fine character for a domain name.

> The DNS itself places only one restriction on the particular labels
> that can be used to identify resource records. That one restriction
> relates to the length of the label and the full name. The length of
> any one label is limited to between 1 and 63 octets. A full domain
> name is limited to 255 octets (including the separators). The zero
> length full name is defined as representing the root of the DNS tree,
> and is typically written and displayed as ".". Those restrictions
> aside, any binary string whatever can be used as the label of any
> resource record. Similarly, any binary string can serve as the value
> of any record that includes a domain name as some or all of its value
> (SOA, NS, MX, PTR, CNAME, and any others that may be added).
> Implementations of the DNS protocols must not place any restrictions
> on the labels that can be used. In particular, DNS servers must not
> refuse to serve a zone because it contains labels that might not be
> acceptable to some DNS client programs. A DNS server may be
> configurable to issue warnings when loading, or even to refuse to
> load, a primary zone containing labels that might be considered
> questionable, however this should not happen by default.

This was the basis of the old "just use UTF-8" argument for IDN. Among other things, it runs afoul of the more restrictive rules for hostnames (distinct from domain names).

>In particular, wildcard domain names (RFC 4592) are rejected by the
>"domain-name" pattern.

Not good.

Randy
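The distinction discussed in this thread, as an added example that is not part of the original messages: a length-only check following the RFC 2181 text quoted above, next to two character-class checks. `RESTRICTIVE_LABEL` is a simplified stand-in built from the class quoted in the thread, not the actual RFC 6991 pattern; all function names and sample names are constructed, and backslash escapes in presentation format are assumed absent.

```python
import re

# Assumption: stand-in built from the class quoted in the thread
# ([a-zA-Z0-9_]); this is NOT the actual RFC 6991 "domain-name" pattern.
RESTRICTIVE_LABEL = re.compile(rb"[a-zA-Z0-9_]+")
# Hostname-style label: letters, digits and interior hyphens only, the
# stricter rule set the reply contrasts with domain names.
HOSTNAME_LABEL = re.compile(rb"[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?")


def split_labels(name: bytes) -> list[bytes]:
    """Split a presentation-format name on '.'; b'.' is the root (no labels)."""
    if name == b".":
        return []
    if name.endswith(b"."):
        name = name[:-1]  # drop the trailing root dot of an absolute name
    return name.split(b".")


def rfc2181_ok(name: bytes) -> bool:
    """Length-only rule: each label 1..63 octets, whole name <= 255 octets."""
    labels = split_labels(name)
    if any(not 1 <= len(label) <= 63 for label in labels):
        return False
    # Wire form: one length octet per label plus the terminating root octet.
    return sum(len(label) + 1 for label in labels) + 1 <= 255


def charset_ok(name: bytes, label_re: re.Pattern) -> bool:
    """Length rule plus a per-label character-class restriction."""
    labels = split_labels(name)
    return rfc2181_ok(name) and all(label_re.fullmatch(l) for l in labels)


def classify(name: bytes) -> dict:
    return {
        "rfc2181": rfc2181_ok(name),
        "restrictive": charset_ok(name, RESTRICTIVE_LABEL),
        "hostname": charset_ok(name, HOSTNAME_LABEL),
    }


# Constructed sample names, not taken from the thread.
SAMPLES = [b"example.com", b"*.example.com", b"my-host.example.com",
           b"_sip._tcp.example.com", b"a" * 64 + b".com", b"."]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, classify(sample))
```

A validator that applies a hostname-style rule to fields holding arbitrary domain names will reject legitimate wildcard and underscore-prefixed owner names, while a length-only check on a field that is later used as a hostname accepts more than that context allows.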
