Thank you Paul,
this document is far better than I hoped for. I have to improve my
googling skills it seems. This is brilliant.
On 9/30/19 5:35 PM, Paul Ebersman wrote:
> pemensik> I am aware search is a no-no in DNS community. However, is
> pemensik> there any public documentation to this change
One more thing: what about disabling search lists? Can't I make a rule
that "all FQDNs must be specified with a trailing dot (as documented to
stop the use of search lists)"?
You'd better test that thoroughly. Firefox still doesn't get the TLS host
header right, and Apache doesn't toss its bre
Following https://www.icann.org/en/system/files/files/sac-064-en.pdf,
it sounds like modest groups of Internet users (such as informal clubs)
that don't have their own official domain (like "iment.com") are out of
luck if they would like to have local subdomains -- unless they want to
use the quite
The following is not specific to BIND, but concerns the operating
environment for DNS software. Ebersman in a later post links to a document
which foreshadows what I'm about to discuss.
On Mon, 30 Sep 2019, Petr Mensik wrote:
[...]
I am aware search is a no-no in DNS community.
That's barely
pemensik> I am aware search is a no-no in DNS community. However, is
pemensik> there any public documentation to this change? Is there RFC
pemensik> recommending not to use search or how it should be used,
pemensik> related to today's top level domains?
pemensik> While I agree it is dangerous, the
Hi Mark,
I am aware search is a no-no in DNS community. However, is there any
public documentation to this change? Is there RFC recommending not to
use search or how it should be used, related to today's top level domains?
While I agree it is dangerous, there are still people using it. I think
we
Partially qualified names are inherently unsafe.
Depending on applying the search list after trying the name as fully
qualified is just plain dangerous as it depends on a NXDOMAIN response
from a namespace not under your control to reach the service you are
after. TLDs get added all the time.
On
Hello,
I got bug report [1] about different behavior of nslookup in 9.11
version compared to old 9.9 version. At first I thought this issue
should be closed right away. But when I digged into changes in BIND, I
could not find any reason for given change. It seems to me the effect
was not desired.
8 matches
Mail list logo