RFC1535 on DNS Software Enhancements
"Joyce K. Reynolds" <jkrey@isi.edu> Wed, 06 October 1993 23:48 UTC
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa15676; 6 Oct 93 19:48 EDT
Received: from ietf.cnri.reston.va.us by CNRI.Reston.VA.US id aa25118; 6 Oct 93 19:48 EDT
Received: from ietf.cnri.reston.va.us by IETF.CNRI.Reston.VA.US id aa15665; 6 Oct 93 19:48 EDT
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa15642; 6 Oct 93 19:46 EDT
Received: from zephyr.isi.edu by CNRI.Reston.VA.US id aa25101; 6 Oct 93 19:46 EDT
Received: from akamai.isi.edu by zephyr.isi.edu (5.65c/5.61+local-13) id <AA15290>; Wed, 6 Oct 1993 16:46:58 -0700
Message-Id: <199310062346.AA15290@zephyr.isi.edu>
To: IETF-Announce:;
Subject: RFC1535 on DNS Software Enhancements
Cc: jkrey@isi.edu
Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
Date: Wed, 06 Oct 1993 16:46:56 -0700
Sender: ietf-announce-request@IETF.CNRI.Reston.VA.US
From: "Joyce K. Reynolds" <jkrey@isi.edu>
A new Request for Comments is now available in online RFC libraries. RFC 1535: Title: A Security Problem and Proposed Correction With Widely Deployed DNS Software Author: E. Gavron Mailbox: gavron@aces.com Pages: 5 Characters: 9,722 Updates/Obsoletes: none This document discusses a flaw in some of the currently distributed name resolver clients. The flaw exposes a security weakness related to the search heuristic invoked by these same resolvers when users provide a partial domain name, and which is easy to exploit (although not by the masses). This document points out the flaw, a case in point, and a solution. This memo provides information for the Internet community. It does not specify an Internet standard. Distribution of this memo is unlimited. This announcement is sent to the IETF list and the RFC-DIST list. Requests to be added to or deleted from the IETF distribution list should be sent to IETF-REQUEST@CNRI.RESTON.VA.US. Requests to be added to or deleted from the RFC-DIST distribution list should be sent to RFC-REQUEST@NIC.DDN.MIL. Details on obtaining RFCs via FTP or EMAIL may be obtained by sending an EMAIL message to "rfc-info@ISI.EDU" with the message body "help: ways_to_get_rfcs". For example: To: rfc-info@ISI.EDU Subject: getting rfcs help: ways_to_get_rfcs Requests for special distribution should be addressed to either the author of the RFC in question, or to admin@DS.INTERNIC.NET. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. Submissions for Requests for Comments should be sent to RFC-EDITOR@ISI.EDU. Please consult RFC 1111, "Instructions to RFC Authors", for further information. Joyce K. Reynolds USC/Information Sciences Institute ... Below is the data which will enable a MIME compliant Mail Reader implementation to automatically retrieve the ASCII version of the RFCs.
- RFC1535 on DNS Software Enhancements Joyce K. Reynolds