[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lsd0001] branch master updated: SHOULD allow turning of DNS
From: |
gnunet |
Subject: |
[lsd0001] branch master updated: SHOULD allow turning of DNS |
Date: |
Wed, 02 Feb 2022 17:23:02 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository lsd0001.
The following commit(s) were added to refs/heads/master by this push:
new 1717a4a SHOULD allow turning of DNS
1717a4a is described below
commit 1717a4af900c0d1492143a063d406f6429f2fb66
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Wed Feb 2 17:23:00 2022 +0100
SHOULD allow turning of DNS
---
draft-schanzen-gns.xml | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 0662637..8150e21 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -2060,20 +2060,20 @@ example.com = zk2
GNS2DNS record, there is no "going back".
The (possibly recursive) resolution of the DNS name MUST NOT
delegate back into GNS and should only follow the DNS
specifications.
- For example, names contained in CNAME records MUST NOT be
+ For example, names contained in DNS CNAME records MUST NOT be
interpreted as GNS names.
</t>
- <t>
- GNS resolvers MUST offer a configuration
- option to disable DNS processing to avoid information leakage
- and provide a consistent security profile for all name resolutions.
- Such resolvers would return an empty record set upon encountering
- a GNS2DNS record during the recursion. However, if GNS2DNS records
- are encountered in the record set for the apex and a GNS2DNS record
- is explicitly requested by the application, such records MUST
- still be returned, even if DNS support is disabled by the
- GNS resolver configuration.
- </t>
+ <t>
+ GNS resolvers SHOULD offer a configuration
+ option to disable DNS processing to avoid information leakage
+ and provide a consistent security profile for all name
resolutions.
+ Such resolvers would return an empty record set upon encountering
+ a GNS2DNS record during the recursion. However, if GNS2DNS records
+ are encountered in the record set for the apex and a GNS2DNS
record
+ is explicitly requested by the application, such records MUST
+ still be returned, even if DNS support is disabled by the
+ GNS resolver configuration.
+ </t>
</section>
<section anchor="cname_processing" numbered="true" toc="default">
<name>CNAME</name>
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [lsd0001] branch master updated: SHOULD allow turning of DNS,
gnunet <=