
Re: RFC 1035, section 3.3.1



> Can the domain name in question start with the label "*"?
> 
> What should happen if it does?  (Pre-DNSSEC and in DNSSEC.)
> 
> I'm asking in the context of writing silly-state NXT rules.

	The record is allowed, but the record is only
	synthesised if the QTYPE is CNAME.

	This really needs to be cleaned up.  Either wildcard CNAMEs
	need to be banned or the RFC 1034 Section 4.3.2 algorithm needs
	to be fixed.

	Replace:
            If the "*" label does exist, match RRs at that node
            against QTYPE.  If any match, copy them into the answer
            section, but set the owner of the RR to be QNAME, and
            not the node with the "*" label.  Go to step 6.

	With:
	    If the "*" label does exist, match RRs at that node
	    against QTYPE.  If any match, copy them into the answer
	    section, but set the owner of the RR to be QNAME, and
	    not the node with the "*" label.  If the data at the
	    node is a CNAME and QTYPE is not CNAME copy it into the
	    answer section, but set the owner of the RR to be QNAME,
	    not the node with the "*" label.  Go to step 6.
	   
	This still leaves NS and DNAME as problematical wildcards.

--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews@isc.org

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>