Wildcards

[Barry Margolin]

In article <aa76i9$6b9 at pub3.rc.vix.com>, Ashwin Kutty <akutty at is.dal.ca> wrote:
>I was wondering as to what the downsides of having Wildcards would be?  I
>have been reading and have found many sources that say it is a bad idea;
>however I'd like to know some more specifics if possible..

Some old resolvers will try appending a default domain suffix to all names,
even if they're already qualified, e.g. the user enters www.somewhere.com,
and the resolver tries looking up www.somewhere.com.localdomain.ca.  If
there's a wildcard entry *.localdomain.ca, it will match that name, and the
resolver won't retry without the default domain.

Even without this bug, there can be other problems.  Suppose the user
enters www.nonexistent-domain.com.  A correct resolver will first try this
without appending the default domain, but when that fails it will try again
with the default appended.  This will match the wildcard, and make it seem
like the name exists when it really doesn't.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.