5 Aug
2009
5 Aug
'09
1:12 p.m.
On Wed, Aug 5, 2009 at 6:48 PM, John Levine<johnl@iecc.com> wrote:
3) Random case in queries, e.g. GooGLe.CoM 4) Ask twice (with different values for the first three hacks) and compare the answers
I presume everyone is doing the first two. Any experience with the other two to report?
3 works, but offers zero protection against 'kaminsky spoofing the root' since you can't fold the case of "123456789.". And the root is the goal. 4 breaks on Akamai and many other CDNs. Even 'ask thrice, and take the majority answer' doesn't work there. 5 is 'edns ping', but it was effectively blocked because people thought DNSSEC would be easier to do, or demanded that EDNS PING (http://edns-ping.org) would offer everything that DNSSEC offered. Bert