Chaining CNAMEs?

Barry Margolin barmar at alum.mit.edu
Tue Aug 22 20:22:30 UTC 2006


In article <ecfitk$1e0b$1 at sf1.isc.org>,
 Joseph S D Yao <jsdy at center.osis.gov> wrote:

> (b) Note that RFC 1034 above says SHOULD, not MUST.  Words have meanings,
> especially when re-inforced by specifications of the subset of possible
> meanings to which the word is restricted in context (as in RFCs).

It should be noted that RFC 1034 was written before the IETF codified 
the way the words SHOULD and MUST are used in RFCs.  Notice, in 
particular, that since that time these words have always been written in 
uppercase, to emphasize their standardized meanings, while they're 
lowercase in RFC 1034.

In another post, Kevin Darcy wrote:
> But it should probably reject master zone files containing chained 
> CNAMEs -- that would fall under the "conservative in what you send" part 
> of the Robustness Principle (data in master files are clearly "sent" 
> data). Slave zone files containing chained CNAMEs? Hmmm, that's a bit of 
> a gray area, since the data are both "received" and "sent" in that case.

Since most CNAME chains are between zones under different authorities, 
this check is not likely to catch many instances.  So it's not clear 
that it's worth it, just to prevent 1% of the cases.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***



More information about the bind-users mailing list