> On 17 Aug 2015, at 18:50, Randy Presuhn <[email protected]> wrote:
>
> Hi -
>
>> From: Ladislav Lhotka <[email protected]>
>> Sent: Aug 17, 2015 6:12 AM
>> To: [email protected]
>> Subject: [netmod] domain-name
>>
>> Hi,
>>
>> it seems the typedef "domain-name" in the "ietf-inet-types" (RFC 6991)
>> is too restrictive: characters in domain names are not limited to
>> [a-zA-Z0-9_]. RFC 2181 says:
>
> Well, it's obviously missing "-", which is a perfectly fine
> character for a domain name.

That’s my copy-and-paste mistake, sorry, the pattern in “domain-name” does permit hyphens.

>
>> The DNS itself places only one restriction on the particular labels
>> that can be used to identify resource records. That one restriction
>> relates to the length of the label and the full name. The length of
>> any one label is limited to between 1 and 63 octets. A full domain
>> name is limited to 255 octets (including the separators). The zero
>> length full name is defined as representing the root of the DNS tree,
>> and is typically written and displayed as ".". Those restrictions
>> aside, any binary string whatever can be used as the label of any
>> resource record. Similarly, any binary string can serve as the value
>> of any record that includes a domain name as some or all of its value
>> (SOA, NS, MX, PTR, CNAME, and any others that may be added).
>> Implementations of the DNS protocols must not place any restrictions
>> on the labels that can be used. In particular, DNS servers must not
>> refuse to serve a zone because it contains labels that might not be
>> acceptable to some DNS client programs. A DNS server may be
>> configurable to issue warnings when loading, or even to refuse to
>> load, a primary zone containing labels that might be considered
>> questionable, however this should not happen by default.
>
> This was the basis of the old "just use UTF-8" argument for IDN.
> Among other things, it runs afoul of the more restrictive rules
> for hostnames (distinct from domain names).

Yes, RFCs 1034 and 1035 strongly recommend adhering to stricter hostname rules but it is no MUST for domain names, and exceptions do exist.

>
>> In particular, wildcard domain names (RFC 4592) are rejected by the
>> "domain-name" pattern.
>
> Not good.

Also, CIDR-style reverse zones contain labels like 128/26 that are rejected by the “domain-name” pattern, too.

Lada

>
> Randy
>
> _______________________________________________
> netmod mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/netmod

--
Ladislav Lhotka, CZ.NIC Labs
PGP Key ID: E74E8C0C
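
The mismatch discussed in this thread, as an added example that is not part of the original messages: the "domain-name" pattern checked against the length-only rules quoted from RFC 2181. The pattern and the 1..253 length are transcribed from RFC 6991 as an assumption to verify against the RFC; the function names and sample names are constructed for illustration.

```python
import re

# "domain-name" pattern as published in RFC 6991, transcribed here by hand
# (assumption: verify against the RFC). YANG patterns are implicitly
# anchored, so fullmatch() is the equivalent test.
RFC6991_DOMAIN_NAME = re.compile(
    r"((([a-zA-Z0-9_]([a-zA-Z0-9\-_]){0,61})?[a-zA-Z0-9]\.)*"
    r"([a-zA-Z0-9_]([a-zA-Z0-9\-_]){0,61})?[a-zA-Z0-9]\.?)"
    r"|\."
)


def matches_typedef(name: str) -> bool:
    """Pattern plus the typedef's length restriction of 1..253."""
    return 1 <= len(name) <= 253 and bool(RFC6991_DOMAIN_NAME.fullmatch(name))


def valid_rfc2181(name: str) -> bool:
    """Only the limits RFC 2181 states: label 1..63 octets, name <= 255.

    Simplification: labels are split on every "." (no \\. escapes).
    """
    if name == ".":
        return True  # root of the DNS tree
    raw = name.encode("utf-8")
    labels = (raw[:-1] if raw.endswith(b".") else raw).split(b".")
    # Wire form: one length octet per label plus the terminating root octet.
    wire_len = sum(len(label) + 1 for label in labels) + 1
    return all(1 <= len(label) <= 63 for label in labels) and wire_len <= 255


# Constructed sample names; the last two are the cases raised in the thread.
SAMPLES = [
    "www.example.com",
    "_sip._tcp.example.com",
    "a..b",                          # empty label: invalid under both
    "*.example.com",                 # wildcard name (RFC 4592)
    "128/26.2.0.192.in-addr.arpa",   # CIDR-style reverse zone label
]


def compare(names):
    """Return (name, typedef_ok, rfc2181_ok) for each name."""
    return [(n, matches_typedef(n), valid_rfc2181(n)) for n in names]


if __name__ == "__main__":
    for name, typedef_ok, dns_ok in compare(SAMPLES):
        print(f"{name:30} typedef={typedef_ok!s:5} rfc2181={dns_ok}")
```

A validator built on the typedef rejects the wildcard and CIDR-style names even though a DNS server will serve them, so a management interface using it cannot represent those zones.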
