|
Message-ID: <20151026180831.GG8645@brightrain.aerifal.cx> Date: Mon, 26 Oct 2015 14:08:31 -0400 From: Rich Felker <dalias@...c.org> To: musl@...ts.openwall.com Subject: Re: Re: Would not love to see reconsideration for domain and search On Mon, Oct 26, 2015 at 05:41:48PM -0000, John Levine wrote: > >Note that ndots=1 search is rather harmless as long as ICANN has a > >prohibition on top-level domains resolving to an address. > > That horse left the barn over 15 years ago: > > https://www.rfc-editor.org/info/rfc7085 > > ICANN currently has a rule against it for generic TLDs, but they have > no control over two-letter country codes, and as our RFC notes, a lot > of ccTLDs have had A and MX records. This is probably an argument for a default of ndots=0, to avoid a regression looking up such names. > I say currently because Google asked for an exception to put an A > record to make http://search/ work, and it took some discussion before > ICANN said no. The no was as much about anti-competitive reasons, the > default would be to Google's search engine, as the technical issues. > If someeone else asked, they'd probably say no, but it's not cast in > stone. > > In response to another question about search order, the default value > of ndots is 1, so any domain name with at least one dot, such as > frodo.cs, is looked up directly before it tries a search list. You This is the behavior on glibc and most/all other legacy implementations. The proposed musl behavior would not search at all in the dots>=ndots case. > can set ndots to anything you want, but I expect that your users would > not be happy if gmail.com and yahoo.com could be shadowed by local host > names. Indeed, users setting up search domains and ndots>1 need to be careful that they control the contents of those domains and that they don't shadow anything needed from the global scope. This was a lot easier before the ridiculous arbitrary-string TLDs were added. IMO use of search domains is pretty much an outdated idea (that poses serious risks of future breakage) but without the global-to-search fallback that legacy implementions have (i.e. with the proposed musl implementation), at least the risk of breakage is isolated to inability to resolve _new_ domains rather than failure to resolve existing ones that previously worked. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.