On Fri, Jun 27, 2014 at 9:04 PM, Julian Harnath <julian.harnath@xxxxxxxxxxxxxx> wrote: > > > Well if you look at e.g. [0] you can see there that not everyone agress > on that... that's what I meant when I said that it's disputed. It seems > to be a common interpretation that underscores are indeed forbidden in > hostnames, but not in domain names. Yes excuse me i was in a little haste when writing the initial mail and quoted the wrong RFC. This host looks like it is a part of a CDN pool of servers/hosts plus the "offending" part of the name appears in the far left of it indicating its host. In essence a name describing a specific host in the aforementioned pool. (hence a host not domain name) "dradio_mp3_dlf_m.akacast.akamaistream.net". If that is not enough of a reasoning you can read the associated RFCs yourself (the correct ones this time) being 1035 (section 2.3.1) and 1123 (section 2.1) >Given the option's name, it might do more than just allow underscores in names. >So it would be prudent to investigate a bit whether this might introduce a >possible new attack vector. Finally +1 for Ingo's comment this needs further investigation before becoming a default (i still prefer easy GUI access to enable/disable it rather than having it default though as Julian suggested in a later reply) -- Regards, Alex-P. Natsios (a.k.a Drakevr)