CNAME should be explicitly allowed or disallowed in server name resolution spec #606
Comments
|
Reading it word for word, it would indeed be a Synapse issue as the MSC was not clear: matrix-org/matrix-spec-proposals#1708 However, it's logical to assume that CNAME is supported as it does eventually point to an A or AAAA record. |
turt2live
added
clarification
|
I don't know if you are aware, but SRVs are not allowed to have a CNAME as target. I guess this is only about .well-known and server_name?
|
|
Since there hasn't been any movement on this issue for over a year, I figured I'd add an outsider's point of view: It would indeed make sense for CNAME's to be allowed (for .well-known and server_name), as that is how the larger internet functions in general. However, reading the current spec, I would understand it as them to specifically not be allowed. In my personal opinion as somebody that has implemented numerous specifications/protocols/servers, this is extremely jarring and confusing and I would heavily recommend clarifying the spec to explicitly allow CNAME as well. Or, even better: word it something to the extend of "using the standard hostname resolution of the operating system", so that potential future changes to DNS are automatically accounted for and followed in a logical/consistent manner. Especially since Synapse already follows CNAME records and following them inside a browser cannot be avoided (!), it would make sense to not let this rest for even longer and fix up the wording to be in-line with both current behavior of the reference implementation and the capabilities of modern browsers. |
Each step in the "Resolving server names" spec tells you to "resolve the IP address using AAAA or A records", which doesn't make it clear whether or not CNAME records are allowed.
If they're not allowed, Synapse should be fixed not to allow them.
The text was updated successfully, but these errors were encountered: