Andreas Plesner Jacobsen wrote:
:
Thanks for the background info. Incidentally, that brings us to a
third inconsistent operating mode of getByName(), so we're up to three
different behaviours:
1. When running under a security manager, we cache forever
2. When not running under a security mana
* Alan Bateman:
> Search for a ~1996 paper on DNS spoofing attacks from Princeton
> University as that gives useful background on this topic and is the
> original reason for the caching.
That paper is probably out of date by now. Interaction of expiry and
poisoning hasn't been fully understood b
a) The java.net cache is replicating the NSCD (OS caching), which are the
appropriate layer for this kind of caching.
b) If a security policy requires a kind of caching, then the replaceable and
extensible security manager architecture should be used for this.
On 2/18/08, Andreas Plesner Jacobse
Alan Bateman wrote:
Alan,
I don't think it's a significant change, since that's how getByName()
acts when the cache entries time out, so changing it would make it act
a lot more consistently.
Actually, I think it's worth debating whether or not InetAddress
should cache lookups at all, I thi
Andreas Plesner Jacobsen wrote:
:
I don't think it's a significant change, since that's how getByName()
acts when the cache entries time out, so changing it would make it act
a lot more consistently.
Actually, I think it's worth debating whether or not InetAddress
should cache lookups at all
Alan Bateman wrote:
Alan,
The specification could be improved but changing InetAddress.getByName
to return a random address is a significant change that could break
existing applications. It might be better to define a new method,
perhaps "getAnyByName", that randomly chooses one of the cache
Andreas Plesner Jacobsen wrote:
I've recently been introduced to the caching behaviour of InetAddress,
and I think it may be improved.
The javadoc reads:
The InetAddress class has a cache to store successful as well as
unsuccessful host name resolutions. The positive caching is there to
guard
I've recently been introduced to the caching behaviour of InetAddress,
and I think it may be improved.
The javadoc reads:
The InetAddress class has a cache to store successful as well as
unsuccessful host name resolutions. The positive caching is there to
guard against DNS spoofing attacks; wh
