Re: DNS pollution

[Keith Moore <moore at cs.utk.edu>]

> 	Actually if you had read the followup this was not a
> 	application error but a operator error.  Operator errors
> 	are exactly what this misbehaviour depends on.  This a
> 	perfectly good example of unexpected consequences.
>
> 	Note this also breaks the expectations of RFC 1123
>
>            If a dotted-decimal number can be entered without such
>            identifying delimiters, then a full syntactic check must be
>            made, because a segment of a host domain name is now allowed
>            to begin with a digit and could legally be entirely numeric
>            (see Section 6.1.2.4).  However, a valid host name can never 
>            have the dotted-decimal form #.#.#.#, since at least the
>            highest-level component label will be alphabetic.
>
> 	This implies that entering a address query for #.#.#.# will
> 	NOT return a RRset.

except that resolver libraries routinely tack on a domain suffix before 
sending the query.  so the query isn't for #.#.#.#, it's for 
#.#.#.#.some-domain.com.  and this is actually part of the problem.   in 
my experience, earthlink's servers often (correctly) don't respond for 
queries for a particular domain without the suffix, but do respond with 
bogus RRs for queries that have the suffix tacked on.  I'm not sure why 
the servers act differently between the two cases, but I've seen it 
happen enough to make me think there's a real correlation.

Keith



_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf