[Freeipa-devel] [PATCH 0047] Allow underscore in DNAME targets
Simo Sorce
simo at redhat.com
Thu Apr 11 12:43:44 UTC 2013
On Thu, 2013-04-11 at 14:24 +0200, Petr Viktorin wrote:
> On 04/11/2013 12:05 PM, Tomas Babej wrote:
> > Hi,
> >
> > Makes DNAME target validation less strict and allows underscore.
> > This is requirement for IPA sites.
> >
> > https://fedorahosted.org/freeipa/ticket/3550
> >
> > Tomas
>
> I checked with Petr², and he said it would make sense to also enable
> underscores for the other records types.
> For records other than TXT, SRV, DNAME, and NSEC we could warn if
> underscores are used, but that's probably not worth the trouble -- just
> allowing underscores everywhere is fine.
>
Underscores are invalid DNS characters, they should not be allowed for A
records, only for DNAME, and SRV records IMO.
That said I am ok allowing them on other records provided we warn
prominently.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list