From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/8781 Path: news.gmane.org!not-for-mail From: Rich Felker Newsgroups: gmane.linux.lib.musl.general Subject: Re: Re: Would not love to see reconsideration for domain and search Date: Mon, 26 Oct 2015 12:16:39 -0400 Message-ID: <20151026161639.GF8645@brightrain.aerifal.cx> References: <20151023042720.GE8645@brightrain.aerifal.cx> <20151026021432.20049.qmail@ary.lan> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1445876234 8602 80.91.229.3 (26 Oct 2015 16:17:14 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Mon, 26 Oct 2015 16:17:14 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-8794-gllmg-musl=m.gmane.org@lists.openwall.com Mon Oct 26 17:17:00 2015 Return-path: Envelope-to: gllmg-musl@m.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by plane.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1ZqkS6-0007cX-QY for gllmg-musl@m.gmane.org; Mon, 26 Oct 2015 17:16:54 +0100 Original-Received: (qmail 25942 invoked by uid 550); 26 Oct 2015 16:16:52 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 25919 invoked from network); 26 Oct 2015 16:16:52 -0000 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Original-Sender: Rich Felker Xref: news.gmane.org gmane.linux.lib.musl.general:8781 Archived-At: On Sun, Oct 25, 2015 at 10:14:42PM -0700, Tim Hockin wrote: > Maybe I am confused.. > > On Sun, Oct 25, 2015 at 7:14 PM, John Levine wrote: > > > DNS search lists seemed like a good idea back in the 1980s. Then in > > 1990 they added .CS for Czechoslovakia to the DNS root, and in > > Computer Science departments all over the world, addresses like > > joe@frodo.cs stopped working, since the search list that used to turn > > it into joe@frodo.cs.stateu.edu didn't do that any more. > > If I have a search path of "stateu.edu" and ndots=2, and I resolve > "frodo.cs", wouldn't that FIRST try frodo.cs.stateu.edu. BEFORE > frodo.cs. ? I suspect John was using a configuration with ndots=1, where the legacy behavior for queries with dots>=ndots was to first try the global scope, then fallback to search domains. And this example is (aside from nasty performance hit, which also matters) precisely why I think supporting this fallback is a bad idea: changes to the global dns scope, outside of your control, can change the results you get for things that you thought were under your control. Without this fallback, you would need ndots=2 to get the "desired" behavior, and addition of the .cs TLD would not have broken it. Of course you'd be blocking access to a number of real global-scope .cs domains, which would be bad policy, but at least stable. Note that ndots=1 search is rather harmless as long as ICANN has a prohibition on top-level domains resolving to an address. Rich