Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

On 19/04/2021 17:08, Lanlan Pan wrote: > > > Ray Bellis mailto:r...@bellis.me.uk>> 于2021年4月16日 > 周五 下午4:19写道： > > Many DNS proxies / ALGs don't inspect the packet contents at all, so a > stronger generic requirement was not feasible. > > > depends on use case ? > enterprise dns

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

Ray Bellis 于2021年4月16日周五 下午4:19写道： > > > On 14/04/2021 10:19, Stephane Bortzmeyer wrote: > > > Regarding dnsop work, the same report suggests to modify RFC 5625 "DNS > > Proxy Implementation Guidelines" to replace the MAY in section 6.3 by > > a MUST. I think that the reason there is currently a

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

Paul Vixie wrote: > > i shipped the crap in question as late as 1998 I absolutely honestly wasn't thinking of your crap at all :-) But your broader point about modern standards of excellence is well made. Tony. -- f.anthony.n.finchhttps://dotat.at/ Forties: Southeasterly 3 to 5, but

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

On 16/04/2021 09:18, Ray Bellis wrote: > Yes, that was pretty much it. > > Many DNS proxies / ALGs don't inspect the packet contents at all, so a > stronger generic requirement was not feasible. FWIW, I have formally requested that the authors withdraw the statement in the paper's conclusion

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

On 14/04/2021 10:19, Stephane Bortzmeyer wrote: > Regarding dnsop work, the same report suggests to modify RFC 5625 "DNS > Proxy Implementation Guidelines" to replace the MAY in section 6.3 by > a MUST. I think that the reason there is currently a MAY is not > because RFC 5625 finds invalid

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

> On 16 Apr 2021, at 04:52, Paul Vixie wrote: > > On Thu, Apr 15, 2021 at 05:46:29PM +1000, Mark Andrews wrote: >>> On 15 Apr 2021, at 17:28, Paul Vixie wrote: >>> so, freebsd was unfairly maligned in the forescout report on this event; >>> the bug was in their dhcp client, not their dns or

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

On Thu, Apr 15, 2021 at 05:46:29PM +1000, Mark Andrews wrote: > > On 15 Apr 2021, at 17:28, Paul Vixie wrote: > > so, freebsd was unfairly maligned in the forescout report on this event; > > the bug was in their dhcp client, not their dns or "tcp/ip stack", and > > had been fixed 20 years late

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

> On 15 Apr 2021, at 17:28, Paul Vixie wrote: > I don't think it's entirely fair to blame the coders who make these mistakes, because a very large number of excellent programmers have made a mess of DNS name decompression. ... > > i shipped the crap in question as late as 1998,

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

> > > I don't think it's entirely fair to blame the coders who make these > > > mistakes, because a very large number of excellent programmers have > > > made a mess of DNS name decompression. ... i shipped the crap in question as late as 1998, and excellence wasn't the problem. in this field at

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

On 4/14/2021 11:19 PM, Mark Andrews wrote: On 15 Apr 2021, at 07:17, Tony Finch wrote: John Levine wrote: On the other hand, all of the sloppy coding people use to handle compressed names is embarassing. I don't think it's entirely fair to blame the coders who make these mistakes, because

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

> On 15 Apr 2021, at 07:17, Tony Finch wrote: > > John Levine wrote: >> >> On the other hand, all of the sloppy coding people use to handle >> compressed names is embarassing. > > I don't think it's entirely fair to blame the coders who make these > mistakes, because a very large number of

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

John Levine wrote: > > On the other hand, all of the sloppy coding people use to handle > compressed names is embarassing. I don't think it's entirely fair to blame the coders who make these mistakes, because a very large number of excellent programmers have made a mess of DNS name

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

On Wed, Apr 14, 2021 at 4:48 PM Stephane Bortzmeyer wrote: > > On Wed, Apr 14, 2021 at 11:01:42AM +0200, > Stephane Bortzmeyer wrote > a message of 10 lines which said: > > > The Name:Wreck compression pointer issue > > Also >

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

It appears that Stephane Bortzmeyer said: >On Wed, Apr 14, 2021 at 11:01:42AM +0200, > Stephane Bortzmeyer wrote > a message of 10 lines which said: > >> The Name:Wreck compression pointer issue I skimmed his very wordy paper and saw that all of the bugs he reported that affect software I

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

On Wed, Apr 14, 2021 at 11:01:42AM +0200, Stephane Bortzmeyer wrote a message of 10 lines which said: > The Name:Wreck compression pointer issue Also

Re: [DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

On Wed, Apr 14, 2021 at 11:01:42AM +0200, Stephane Bortzmeyer wrote a message of 10 lines which said: > The Name:Wreck compression pointer issue > Regarding dnsop work, the same report suggests to

[DNSOP] A draft about the Name:Wreck problem draft-dashevskyi-dnsrr-antipatterns

The Name:Wreck compression pointer issue illustrates the implementation problems of DNS. I just find that there is an Internet-Draft, draft-dashevskyi-dnsrr-antipatterns, discussing these problems.