Deprecate And Remove Support For Invalid DNS Names

We have a security vulnerability that is rather long in the tooth (not yet public) that depends, in part, on our DNS resolver’s willingness to attempt to resolve arbitrary garbage strings, including strings that could not ever be valid hostnames. I propose to remove support for such requests in our DNS resolution code, and attempt only to resolve legal hostnames (“preferred name syntax”). Additionally, I propose we accept underscores (_) in names. (See the measurement CL.) Note that IDNs are P


Status in Chromium


In development (tracking bug)

Consensus & Standardization

  • No public signals
  • No public signals
  • No public signals
  • No signals


Last updated on 2017-06-14