We have a security vulnerability that is rather long in the tooth (not yet public) that depends, in part, on our DNS resolver’s willingness to attempt to resolve arbitrary garbage strings, including strings that could not ever be valid hostnames. I propose to remove support for such requests in our DNS resolution code, and attempt only to resolve legal hostnames (“preferred name syntax”). Additionally, I propose we accept underscores (_) in names. (See the measurement CL.)
Reduce exposure to bugs.
Docs: https://docs.google.com/document/d/13NhCJ-AN7gGNmcJML8wYTpMo7OowcPzF2s4M_Ts5v5k/edit