about DNS mapping method

Bobo rainbowave at yahoo.com
Thu Oct 5 09:12:57 UTC 2000


I really appreciate your comments, Thor, Okenve, Kevin
and Peter. 
You indicated such a lot of points on my suggestion.

Now I consider that bidirectional mapping will affect
the many-to-one case
if left without any modification.

Actually, many-to-one A records exist.
For example:
<forward>
  USC-ISIC.ARPA   IN   A   10.0.0.52
  C.ISI.EDU       IN   A   10.0.0.52

Without any modification, the result will be the same
as the following records.
<reverse> 
  52.0.0.10.in-addr.arpa IN  PTR  USC-ISIC.ARPA.
  52.0.0.10.in-addr.arpa IN  PTR  C.ISI.EDU.

Just as Thor said, I agree that this is
harmful to security.

How about the following modification? Does it still
cause the security problem?
   52.0.0.10.in-addr.arpa
        <relation> USC-ISIC.ARPA.
   52.0.0.10.in-addr.arpa
        <relation> cname C.ISI.EDU.
If an argument is added to the <PTR or A> record to
distinguish cname and alias,
then the server will return only C.ISI.EDU to
the client.

Cokenve, are you with me on the above suggestion this
time?
Peter, thanks for your kind suggestion again. 

Best Regards

Bobo
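
The many-to-one case from the message above, as an added example that is not part of the original post: a mechanical A-to-PTR mapping is applied to the two quoted forward records, and every reverse name that ends up with more than one PTR target is flagged for review. The function names are hypothetical and the zone text is constructed from the records quoted in the message.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: the two forward records quoted in the message.
FORWARD_ZONE = """\
USC-ISIC.ARPA   IN   A   10.0.0.52
C.ISI.EDU       IN   A   10.0.0.52
"""


def parse_a_records(text):
    """Yield (owner, IPv4Address) for each 'name IN A address' line."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        if len(fields) == 4 and [f.upper() for f in fields[1:3]] == ["IN", "A"]:
            owner = fields[0].rstrip(".").upper() + "."  # fully qualified
            yield owner, ipaddress.IPv4Address(fields[3])


def derive_ptr_rrsets(text):
    """Map each in-addr.arpa owner to the PTR targets a mechanical
    A -> PTR mapping would create (sorted, duplicates removed)."""
    rrsets = defaultdict(set)
    for owner, addr in parse_a_records(text):
        rrsets[addr.reverse_pointer + "."].add(owner)
    return {name: sorted(targets) for name, targets in rrsets.items()}


def ambiguous_reverse_names(rrsets):
    """Reverse names with several PTR targets: a resolver gets the whole
    set back, so a consumer that reads only one name sees an arbitrary one."""
    return {n: t for n, t in rrsets.items() if len(t) > 1}


def render_ptr(rrsets):
    """Format the derived records as zone-file lines."""
    return [f"{name} IN PTR {target}"
            for name, targets in sorted(rrsets.items())
            for target in targets]


if __name__ == "__main__":
    derived = derive_ptr_rrsets(FORWARD_ZONE)
    print("\n".join(render_ptr(derived)))
    for name, targets in ambiguous_reverse_names(derived).items():
        print(f"review: {name} has {len(targets)} PTR targets: {targets}")
```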




More information about the bind-users mailing list