[dns-operations] Input from dns-operations on NCAP proposal

John Levine johnl at taugh.com
Fri Jun 3 21:22:47 UTC 2022


It appears that Brian Dickson <brian.peter.dickson at gmail.com> said:
>"ndots" can generally be any number between 0 and X, for
>implementation-specific X. Some implementations cap X at 15, some at 255,
>there may be other implementations.

Do we have any idea how many systems still use search lists?  We've been saying
bad things about them at least since .CS was added in 1991.

>In such a configuration, if the host name "foo" matches the candidate TLD
>"foo", and the latter is changed from NXDOMAIN ...

It seems to me that the risk depends a lot more on what the name is rather
than the particular DNS response.  If it's OEMDMCEKCSN. I doubt anyone will
notice, but if it's MAIL., watch out.

R's,
John


More information about the dns-operations mailing list