Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

On Feb 6, 2018, at 12:39 AM, Lanlan Pan wrote: > I mean that in 5.2.  'localhost' labels in subdomains > , > localhost.example.com . => localhost. ( > equal to ban

Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

Ted Lemon 于2018年2月6日周二 下午1:17写道： > On Feb 5, 2018, at 11:58 PM, Lanlan Pan wrote: > > If we decide to ban localhost.example, > > > Nobody is proposing that we ban localhost.example. > Sorry for my poor english. I mean that in *5.2. 'localhost' labels in

Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

On Feb 5, 2018, at 11:58 PM, Lanlan Pan wrote: > If we decide to ban localhost.example, Nobody is proposing that we ban localhost.example. > 1) how many security accidents have caused by this "localhost.example", is it > a serious security problem with low attack cost ?

Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

Ted Lemon 于2018年2月6日周二 上午12:52写道： > On Feb 5, 2018, at 1:51 AM, Mark Andrews wrote: > > No it is not! The browser knows where the name came from. > > > Walk me through it. How does the browser know where the name came from? > we can return NXDOMAIN for

Re: [DNSOP] A conversational description of sentinel.

On 5 Feb 2018, at 11:18, Geoff Huston wrote: On 5 Feb 2018, at 11:47 pm, Tony Finch wrote: Geoff Huston wrote: if not underscores and IF “xm—“ as a leading substring is not acceptable for some reason, then what label format would be acceptable for this

Re: [DNSOP] A conversational description of sentinel.

> On 5 Feb 2018, at 11:47 pm, Tony Finch wrote: > > Geoff Huston wrote: >> >> if not underscores and IF “xm—“ as a leading substring is not acceptable for >> some reason, then what label format would be acceptable for this >> measure? > > Maybe put the -- in

Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

On Feb 5, 2018, at 3:28 AM, Matthew Kerwin wrote: > > It can be handy, though. "http://dev01/ " or "http://dev02/ > " is much easier to type. "password123" is easier to type (and remember!) than "rtuzb2tZ6xbsg", too. :) The way to make

Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

On Feb 5, 2018, at 1:51 AM, Mark Andrews wrote: > No it is not! The browser knows where the name came from. Walk me through it. How does the browser know where the name came from? ___ DNSOP mailing list DNSOP@ietf.org

Re: [DNSOP] A conversational description of sentinel.

Geoff Huston wrote: > > if not underscores and IF “xm—“ as a leading substring is not acceptable for > some reason, then what label format would be acceptable for this > measure? Maybe put the -- in the middle somewhere? e.g. is-ta-- not-ta-- Tony. -- f.anthony.n.finch

Re: [DNSOP] I-D Action: draft-ietf-dnsop-aname-01.txt

Evan Hunt wrote: > > No, an ANAME-aware resolver would ignore those records, re-query for > the ANAME target, and validate the response from there - same as it does > now with a CNAME. As long as the ANAME is validly signed, it's just a > chain query. That only works if the

Re: [DNSOP] A conversational description of sentinel.

On 04/02/2018 22:35, Petr Špaček wrote: > Underscore is now out of the question because we know about the > Android/Chrome problem se might test alternative labels. I don't think that's necessarily true. It may just mean that there's an additional set of possible responses that the draft needs

Re: [DNSOP] A conversational description of sentinel.

On 02/02/2018 04:45 PM, Warren Kumari wrote: > were **NOT** able to fetch the "underscore" record > were able to fetch the "dashdash" record Current Firefox 58.0.1 and old Chromium 61.0.3163.79, Linux, same result.  The system resolver does fetch _www.ksk-test.net. OK.  (I can't say I understand

Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

On 5 Feb. 2018 16:52, "Mark Andrews" wrote: > On 5 Feb 2018, at 5:10 pm, Ted Lemon wrote: > > On Feb 5, 2018, at 12:18 AM, Mark Andrews wrote: >> The original problem is that HTTP doesn’t specify that names learn across the >> wire, including