RFC 1535
A Security Problem and Proposed Correction With Widely Deployed DNS Software, October 1993
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC1535
Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 1535
Abstract
This document discusses a flaw in some of the currently distributed name resolver clients. The flaw exposes a security weakness related to the search heuristic invoked by these same resolvers when users provide a partial domain name, and which is easy to exploit. This document points out the flaw, a case in point, and a solution. This memo provides information for the Internet community. It does not specify an Internet standard.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.