How to validate SRV record?

Kevin Darcy kcd at chrysler.com
Thu Aug 23 22:49:55 UTC 2012 

On 8/23/2012 6:46 PM, Kevin Darcy wrote:
> On 8/23/2012 6:09 PM, Kevin Oberman wrote:
>> On Thu, Aug 23, 2012 at 8:52 AM, Nikolay Shaplov <n at shaplov.ru> wrote:
>>> Hi!
>>>
>>> I am trying to write a validator for name field of SRV record, and I 
>>> met
>>> several issues I can not understand. May be you can help me with that.
>>>
>>> 0. Bind does not really validate name of SRV record:
>>>
>>> _te__st_._te--st!?.rrr!e
>> Looks valid to me. Why should it not be? The format, as you say, is
>> _Service._Protocol.Name and that can be reduced to Perl RE of:
>> _.+\.\_.+\..+ As far as I can see on the RFC, there are no
>> restrictions on what characters are used other then the underscores
>> and dots.
>>> is considered to be correct record. (BIND 9.7.3) So I can not use 
>>> bind to get
>>> what is right and what is wrong.
>>>
>>> 1. RFC 2782 says that name field should have this format:
>>>
>>>   _Service._Proto.Name
>>>
>>> 1.1. Name as far as I get, should be validated as a common hostname. 
>>> Am I
>>> right?
>> No. The hostname character rules are valid ONLY for hostnames. Jon
>> Postel wrote and RFC (I don't have the number handy) expressly stating
>> that only hostnames and not any other names were so encumbered.
>> Moreover, the RFC states:
>> The symbolic name of the desired service, as defined in Assigned
>> Numbers [STD 2] or locally. What is done locally is up to whomever is
>> doing it and those using hte SRV record. SRVs are not restricted to
>> registered services or protocols.
>>
>>> 1.2. Service should be validated according to RFC 6335
>> RFC6335 is a BCP, not a standard and is stating IANA practice for
>> assigning  and using names and numbers. It in no way restricts SRV
>> records.
>>
>>> 1.3. What algorithm should be used to validate Proto? I can use the 
>>> same as
>>> for Service, but are there any strict guide lines about that?
>> Protocols are normally things like tcp, udp, etc, but the RFC does not
>> appear to me to restrict them in any way. RFC6335 is a BCP, not a
>> standard and is stating IANA practice for assigning names and numbers.
>> It in no way restricts SRV records. It even it states "This unique
>> symbolic name for a service may also be used for other purposes, such
>> as in DNS SRV records [RFC2782]." Not even "should".
> RFC 6335:
>
> 5.2. Service Name Usage in DNS SRV Records The DNS SRV specification 
> [RFC2782] states that the Service Label part of the owner name of a 
> DNS SRV record includes a "Service" element, described as "the 
> symbolic name of the desired service", but as discussed above, it is 
> not clear precisely what this means. This document clarifies that the 
> Service Label MUST be a service name as defined herein with an 
> underscore prepended. The service name SHOULD be registered with IANA 
> and recorded in the Service Name and Transport Protocol Port Number 
> registry [PORTREG].
Sorry, I meant to say that it's pretty clear that it *restricts* what a 
Service Label may contain. It's even a "MUST".

It is "only" a BCP, but it officially updates RFC 2782, and I think BCPs 
can "clarify" ambiguous parts of standards-track RFCs without themselves 
having to go through the entire standards-track process.

                                             - Kevin

More information about the bind-users mailing list