[dns-operations] chrome's 10 character QNAMEs to detect NXDOMAIN rewriting

Doug Barton dougb at dougbarton.us
Tue Nov 26 21:22:51 UTC 2013

On 11/26/2013 01:06 PM, Andrew Sullivan wrote:
> On Tue, Nov 26, 2013 at 08:58:18PM +0000, Jim Reid wrote:
>> +1. However the lookups I was talking about are not going to name servers that google owns or have agreed to receive that traffic.
> I'm not sure it's entirely true that, if you've decided to operate a
> root name server, you haven't agreed to receive the traffic.  It seems
> to me under those circumstances you're effectively agreeing to receive
> more or less any traffic.

Further, every time strategies to mitigate that traffic like having 
resolvers slave the root zone are discussed, a non-trivial subset of the 
root operators pipe up and say that since upwards of 90% of the traffic 
is junk anyway, a bit more doesn't hurt anything.

> That doesn't mean it's ok for people to spew garbage, please note.



More information about the dns-operations mailing list