A Security Problem and Proposed Correction With Widely Deployed DNS Software
RFC 1535 DNS Software Enhancements October 1993
The resolver client will realize that since "UnivHost.University.EDU"
does not end with a ".", it is not an absolute "rooted" FQDN. It
will then try the following combinations until a resource record is
found:
UnivHost.University.EDU.Tech.ACES.COM.
UnivHost.University.EDU.ACES.COM.
UnivHost.University.EDU.COM.
UnivHost.University.EDU.
Security Issue
After registering the EDU.COM domain, it was discovered that an
unliberal application of one wildcard CNAME record would cause *all*
connects from any .COM site to any .EDU site to terminate at one
target machine in the private edu.com sub-domain.
Further, discussion reveals that specific hostnames registered in
this private subdomain, or any similarly named subdomain may be used
to spoof a host.
Example: harvard.edu.com. CNAME targethost
Thus all connects to Harvard.edu from all .com sites would end up at
targethost, a machine which could provide a Harvard.edu login banner.
This is clearly unacceptable. Further, it could only be made worse
with domains like COM.EDU, MIL.GOV, GOV.COM, etc.
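The search-list expansion described above for "UnivHost.University.EDU" and the wildcard CNAME capture from the Security Issue section, modelled together in Python as an added example (this is not code from the RFC). The zone contents, the local domain "sales.acme.com" and the target name "targethost.edu.com." are constructed for the illustration.

```python
from typing import Dict, List, Optional, Tuple

# Constructed zone standing in for the private edu.com sub-domain: a single
# wildcard CNAME, as in the RFC's "harvard.edu.com. CNAME targethost" example.
CONSTRUCTED_ZONE: Dict[str, str] = {"*.edu.com.": "targethost.edu.com."}


def search_candidates(name: str, local_domain: str) -> List[str]:
    """Rooted names an old-style resolver tries, in order, for a name that
    lacks a trailing '.': each ancestor of the local domain is appended
    (Tech.ACES.COM, ACES.COM, COM), then the bare name at the root."""
    if name.endswith("."):
        return [name]  # already a rooted FQDN: the search list is skipped
    labels = local_domain.strip(".").split(".")
    cands = [f"{name}.{'.'.join(labels[i:])}." for i in range(len(labels))]
    cands.append(f"{name}.")
    return cands


def lookup(qname: str, zone: Dict[str, str]) -> Optional[str]:
    """CNAME target for a rooted qname: an exact owner wins, otherwise the
    closest wildcard owner (*.edu.com. before *.com.). Labels compare
    case-insensitively, as DNS does."""
    qname = qname.lower()
    if qname in zone:
        return zone[qname]
    labels = qname.rstrip(".").split(".")
    for i in range(1, len(labels)):
        owner = "*." + ".".join(labels[i:]) + "."
        if owner in zone:
            return zone[owner]
    return None


def resolve(name: str, local_domain: str,
            zone: Dict[str, str]) -> Optional[Tuple[str, str]]:
    """First search-list candidate the zone answers, with its CNAME target.
    A .COM client asking for 'harvard.edu' is caught at 'harvard.edu.com.'
    before the rooted 'harvard.edu.' is ever tried."""
    for cand in search_candidates(name, local_domain):
        target = lookup(cand, zone)
        if target is not None:
            return cand, target
    return None


if __name__ == "__main__":
    print(search_candidates("UnivHost.University.EDU", "Tech.ACES.COM"))
    print(resolve("harvard.edu", "sales.acme.com", CONSTRUCTED_ZONE))
    print(resolve("harvard.edu.", "sales.acme.com", CONSTRUCTED_ZONE))
```

The last call shows that a rooted name with a trailing dot bypasses the search list entirely, which is why the wildcard never sees it.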
Public vs. Local Name Space Administration
The specification of the Domain Name System and the software that
implements it provides an undifferentiated hierarchy which permits
delegation of administration for subordinate portions of the name
space. Actual administration of the name space is divided between
"public" and "local" portions. Public administration pertains to all
top-level domains, such as .COM and .EDU. For some domains, it also
pertains to some number of sub-domain levels. The multi-level nature
of the public administration is most evident for top-level domains
for countries. For example in the Fully Qualified Domain Name,
dbc.mtview.ca.us., the portion "mtview.ca.us" represents three levels
of public administration. Only the left-most portion is subject to
local administration.
Gavron