On Feb 1, 2025, at 16:47, Robert Edmonds <edmo...@mycre.ws> wrote:
> 
> Paul Hoffman wrote:
>> On Feb 1, 2025, at 15:49, Robert Edmonds <edmo...@mycre.ws> wrote:
>>> If comments aren't allowed, what about parens, embedded newlines, \DDD
>>> and \X escapes, etc.?
>> 
>> None of that; I'll add more prohibitions. Thanks again for asking good 
>> questions!
> 
> OK, so does this imply only names and record data can be represented in this
> format if they do not contain any values that require escaping? For instance
> the domain name Action\.domains.ISI.EDU (the SOA RNAME in the zone file
> example in RFC 1035 Section 5.3) could not be represented with this
> prohibition? If so it would be good to explicitly document this limitation.
> (I guess if the value that requires escaping appears in the DUJ Rdata field
> it could be represented using RFC 3597 syntax, if supported, but not for the
> DUJ FQDN field.)

Part of the design is to prevent a malicious actor from convincing a user that 
a DUJ is harmless when it is not. So, the escapes can be used in the Rdata 
(because some Rdata is really not text), but not the other fields. I have made 
that clearer in my intended update.

--Paul Hoffman

_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org
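
The limitation discussed in this thread can be checked mechanically. The following is an added example, not part of the thread or of the DUJ draft: it decodes RFC 1035 `\X` and `\DDD` escapes in a presentation-format name and reports the labels that could not be written in a field where escapes are prohibited. The function names and the `NEEDS_ESCAPE` set are assumptions of this example.

```python
# Added example: which labels of an RFC 1035 presentation-format name cannot be
# written without escapes. NEEDS_ESCAPE is this example's assumption, not a
# list taken from the draft.
NEEDS_ESCAPE = set(b'.;()"\\')


def parse_name(text):
    """Decode \\X and \\DDD escapes and return the name's labels as bytes."""
    if text == ".":
        return []                      # root name: no labels
    labels, cur, i = [], bytearray(), 0
    while i < len(text):
        ch = text[i]
        if ch == "\\":
            ddd = text[i + 1:i + 4]
            if len(ddd) == 3 and ddd.isascii() and ddd.isdigit():
                if int(ddd) > 255:
                    raise ValueError("\\DDD escape above 255")
                cur.append(int(ddd))   # \DDD: one octet, written in decimal
                i += 4
            elif i + 1 < len(text) and text[i + 1] not in "0123456789":
                cur += text[i + 1].encode()   # \X: X is taken literally
                i += 2
            else:
                raise ValueError("malformed escape")
        elif ch == ".":                # unescaped dot ends the current label
            if not cur:
                raise ValueError("empty label")
            labels.append(bytes(cur))
            cur = bytearray()
            i += 1
        else:
            cur += ch.encode()
            i += 1
    if cur:
        labels.append(bytes(cur))
    return labels


def labels_needing_escape(text):
    """Labels holding an octet that only an escape could express."""
    return [label for label in parse_name(text)
            if any(b < 0x21 or b > 0x7E or b in NEEDS_ESCAPE for b in label)]


if __name__ == "__main__":
    for name in ("Action\\.domains.ISI.EDU", "\\097bc.example.", "a\\032b.example"):
        print(name, "->", labels_needing_escape(name) or "no escapes required")
```

A name that merely uses an escape for an ordinary character (the constructed `\097bc.example.`) decodes to labels that need none, so the check is made on the decoded labels rather than on the presence of a backslash in the text.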
