From: Max Zettlmeißl Subject: Re: [PATCH] ssh-add: Support @ in the user part of destination constraints To: Damien Miller Cc: "Todd C. Miller" , tech@openbsd.org Date: Fri, 6 Sep 2024 18:21:23 +0200 On Fri, 6 Sept 2024 at 04:16, Damien Miller wrote: > The only problem is that someone, somewhere, somehow will have used '@' > in a hostname and this will break them. Now we both know that this will not prevent anyone out there from using it, but isn't an '@' in a hostname formally invalid? RFC 952 and 1123 specify \-0-9A-Za-z and essentially A-Z is treated as a-z and the period separates components. The hostname also may not start with a hyphen. Even if an '@' for some reason would one day be a valid within a domain name, it probably would have to be punycode encoded. DNS names on the other hand may contain any octet (RFC 2181, section 11), but that would then probably prevent them from serving as hostnames.