[nsd-users] nsd4.0.0beta3: nsd-control accepts junk input

Johan Ihrén johani at johani.org
Fri Feb 1 15:25:50 UTC 2013


On Feb 1, 2013, at 15:33 , Miek Gieben wrote:

> [ Quoting <jpmens.dns at gmail.com> in "Re: [nsd-users] nsd4.0.0beta3: nsd-..." ]
>>> nlnet\032labs.nl. is a completely valid zone name.
>> 
>> Indeed, but: is that really used at all? I'm thingking along the lines
>> of telling my mom to go to http://web%20shop.nlnet%20labs.com ...
> 
> Well, a long, long time ago, when NSD was created, the motto was
> "garbage in, garbage out". 

Without going quite that far I have to say that I do not think that the CLI interface to a nameserver implementation is the place to make restrictions to what is clearly allowed by the DNS protocol.

I.e. while I will most certainly not send my mother to the web shop URL above (for all sorts of reasons) I would like to be able to manage such a domain name via nsd-control.

Speaking of restrictions... I know a TLD that used to implement a strict limit (32 octets) to the length of domain names. The reason was primarily to make their implementation simpler and the justification was "no one used it" (at the time, which was long ago). And now we have IDN and in some parts of the namespace 32 characters is not all that uncommon.

Restrictions that are stricter than what the protocol allows may sometimes be necessary (it could be that something is really, really hard to implement otherwise). So be it. But restrictions based on "no one uses it" seems like the wrong thing to me. That's like hearing english-speaking people claim that ASCII is all you need because THEY don't use korean much ;-)

Regards,

Johan





More information about the nsd-users mailing list