On Fri, Jun 17, 2011 at 5:33 PM, Jay Ashworth <jra@baylink.com> wrote:
For me, the engineering problem remains *single-component FQDNs*. I can't itemize the code they'll break, but I'm quite certain there's a lot.
Perhaps we could get an update to the relevant RFCs.. clarifying that only NS records may be dotless in the root namespace? As in -- No hostnames A, MX, or CNAME at the TLD level. The notion of a single-component FQDN would be quite a breakage for the basic concept of using both FQDNs and Unqualified names. Consider you have a hostname on your lan called "foobar", and someone registers .foobar and lists an @ A in the foobar zone. So... does "http://foobar" go to your LAN server? If yes, then .foobar's @ record is worthless. If no, then you have a security problem.... when .foobar is suddenly registered without you knowing, and the @ A gets pointed to a 'credentials stealing' site.
Cheers, -- jra -- -JH