"Trailing dots in hostnames is a menace and a plague that keeps haunting us and the world at large."
-
"Trailing dots in hostnames is a menace and a plague that keeps haunting us and the world at large."
I felt I had to put this into this CVE advisory I'm drafting...
-
"Trailing dots in hostnames is a menace and a plague that keeps haunting us and the world at large."
I felt I had to put this into this CVE advisory I'm drafting...
@bagder Don't worry about it, just use libcurl to... oh, wait...
-
"Trailing dots in hostnames is a menace and a plague that keeps haunting us and the world at large."
I felt I had to put this into this CVE advisory I'm drafting...
@bagder it’s called terminating for a reason
-
"Trailing dots in hostnames is a menace and a plague that keeps haunting us and the world at large."
I felt I had to put this into this CVE advisory I'm drafting...
@bagder Curious as to why, I thought a trailing dot served a specific purpose that is useful?
-
@bagder Curious as to why, I thought a trailing dot served a specific purpose that is useful?
@larsmb on the Internet, that purpose is lost
-
R relay@relay.publicsquare.global shared this topic
-
"Trailing dots in hostnames is a menace and a plague that keeps haunting us and the world at large."
I felt I had to put this into this CVE advisory I'm drafting...
@bagder My understanding is that's a core part of DNS so unlikely to change without redesigning DNS. I have wondered if part of the issue is that it gets abstracted away/ignored in implementation (i.e. you dont have to add the trailing dot in many things for an address to work).
-
"Trailing dots in hostnames is a menace and a plague that keeps haunting us and the world at large."
I felt I had to put this into this CVE advisory I'm drafting...
@bagder I remember a guy in school making a real point out of the fact that the trailing period is valid, and as far as he was concerned, the preferred way!
I'm sure he turned his DNS passion into a profession
-
"Trailing dots in hostnames is a menace and a plague that keeps haunting us and the world at large."
I felt I had to put this into this CVE advisory I'm drafting...
It's always DNS.
-
@bagder My understanding is that's a core part of DNS so unlikely to change without redesigning DNS. I have wondered if part of the issue is that it gets abstracted away/ignored in implementation (i.e. you dont have to add the trailing dot in many things for an address to work).
-
True but the trailing dot is still a core part of DNS.
RFC 1035
s make up a large share of the data in the master file.
The labels in the domain name are expressed as character strings and
separated by dots. Quoting conventions allow arbitrary characters to be
stored in domain names. Domain names that end in a dot are called
absolute, and are taken as complete. Domain names which do not end in a
dot are called relative; the actual domain name is the concatenation of
the relative part with an origin specified in a $ORIGIN, $INCLUDE, or as
an argument to the master file loading routine. A relative name is an
error when no origin is available. -
R relay@relay.infosec.exchange shared this topic
-
@bagder My understanding is that's a core part of DNS so unlikely to change without redesigning DNS. I have wondered if part of the issue is that it gets abstracted away/ignored in implementation (i.e. you dont have to add the trailing dot in many things for an address to work).
-
@bagder Thanks, I see the headache you're referring to. Good prediction that it wasn't the last time you'd run into it being an issue.
