cTLD and DNS upgrade

Joseph S D Yao jsdy at center.osis.gov
Wed Jul 6 01:35:23 UTC 2005


On Wed, Jul 06, 2005 at 02:34:54AM +0200, Brad Knowles wrote:
...
> >  I don't think '#' is one of the allowed characters in the first place and
> >  I don't know how they convinced Bind to accept it.
> 
> 	It's a perfectly valid character as part of a domain name.  Try 
> reading the RFCs.  Labels in domain names are explicitly allowed to 
> be 8-bit binary data, although there are strong recommendations to 
> limit them to the standard syntax for host naming conventions (e.g., 
> RFC 1025 section 2.3.1, although I'm sure that this has been updated 
> or perhaps even obsoleted by later RFCs).
...

On Wed, Jul 06, 2005 at 02:53:11AM +0200, Brad Knowles wrote:
...
> 	Sorry, make that RFC 1035, not 1025.  My bad.
...


RFC 1035 is valid.

RFC 2181, "Clarifications to the DNS Specification", has a section
discussing valid DNS labels.  Section 11.

"Occasionally it is assumed that the Domain Name System serves only
the purpose of mapping Internet host names to data, and mapping
Internet addresses to host names.  This is not correct, the DNS is a
general (if somewhat limited) hierarchical database, and can store
almost any kind of data, for almost any purpose.

The DNS itself places only one restriction on the particular labels
that can be used to identify resource records.  That one restriction
relates to the length of the label and the full name.  The length of
any one label is limited to between 1 and 63 octets.  A full domain
name is limited to 255 octets (including the separators).  The zero
length full name is defined as representing the root of the DNS tree,
and is typically written and displayed as ".".  Those restrictions
aside, any binary string whatever can be used as the label of any
resource record.  Similarly, any binary string can serve as the value
of any record that includes a domain name as some or all of its value
(SOA, NS, MX, PTR, CNAME, and any others that may be added).
Implementations of the DNS protocols must not place any restrictions
on the labels that can be used.  In particular, DNS servers must not
refuse to serve a zone because it contains labels that might not be
acceptable to some DNS client programs.  A DNS server may be
configurable to issue warnings when loading, or even to refuse to
load, a primary zone containing labels that might be considered
questionable, however this should not happen by default.

Note however, that the various applications that make use of DNS data
can have restrictions imposed on what particular values are
acceptable in their environment.  ..."

Name servers are specifically limited in their ability to use the 8-bit
clean names that they serve, see RFC 2825, "A Tangled Web: Issues of
I18N, Domain Names, and the Other Internet protocols".  This is an issue
that perhaps should be revisited soon.

-- 
Joe Yao
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.
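
The distinction drawn in the RFC 2181 section 11 text quoted above, as an added example that is not part of the original message: the DNS itself enforces only the length limits, while host-name syntax is a restriction an application applies. The function names, the handling of `\X` and `\DDD` escapes in presentation format, the wire-format reading of the 255-octet limit and the sample names are assumptions of this example.

```python
import re

# Host-name syntax (letters, digits, hyphen) is an application rule, not a DNS rule.
LDH = re.compile(rb"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?")

def parse_labels(name: str) -> list[bytes]:
    """Split a presentation-format name into raw labels (handles \\X and \\DDD)."""
    if name in ("", "."):
        return []                          # the root: zero-length full name
    data = name.encode("latin-1")          # assumption: one character per octet
    labels, cur, i = [], bytearray(), 0
    while i < len(data):
        c, step = data[i], 1
        if c == 0x5C:                      # backslash escape
            ddd = data[i + 1:i + 4]
            if len(ddd) == 3 and ddd.isdigit():
                if int(ddd) > 255:
                    raise ValueError("\\DDD escape out of range")
                c, step = int(ddd), 4
            elif i + 1 < len(data):
                c, step = data[i + 1], 2
            else:
                raise ValueError("dangling backslash")
            cur.append(c)
        elif c == 0x2E:                    # unescaped dot ends a label
            labels.append(bytes(cur))
            cur = bytearray()
        else:
            cur.append(c)
        i += step
    if cur:
        labels.append(bytes(cur))          # last label when there is no trailing dot
    return labels

def dns_legal(name: str) -> bool:
    """Only the length rules: 1..63 octets per label, 255 for the whole name."""
    labels = parse_labels(name)
    wire_len = sum(len(l) + 1 for l in labels) + 1   # length octets + root label
    return all(1 <= len(l) <= 63 for l in labels) and wire_len <= 255

def hostname_legal(name: str) -> bool:
    """The stricter check an application expecting a host name should apply."""
    labels = parse_labels(name)
    return bool(labels) and dns_legal(name) and all(LDH.fullmatch(l) for l in labels)

if __name__ == "__main__":  # constructed sample names; '#' is the character from the thread
    for n in ["www.example.com.", "foo#bar.example.com", r"bin\000ary.example", "a..b"]:
        print(f"{n!r:28} dns={dns_legal(n)} host={hostname_legal(n)}")
```

A name that passes `dns_legal` but fails `hostname_legal` is one a server has to serve but that a program expecting a host name should reject before passing it to a shell, a log line or a URL.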


