[dns-operations] Lot's of TXT queries from Google
Viktor Dukhovni
ietf-dane at dukhovni.org
Thu Oct 7 15:20:01 UTC 2021
On Thu, Oct 07, 2021 at 02:53:36PM +0000, Wessels, Duane via dns-operations wrote:
> I can't explain the TXT queries, but the NS queries seem to be
> Google's method of doing qname minimization, with an added nonce
> value. See https://indico.dns-oarc.net/event/39/contributions/864/
> and
> https://developers.google.com/speed/public-dns/docs/security?hl=en#nonce_prefixes
The odd thing is though that queries with Google's nonce labels to .NL
would be expected to have the appended label after some desired 2LD:
nonce.extant-2ld.nl
I would not expect Google to append 2LD rather than 3LD nonces in
queries to the .NL auth servers, those elicit NXDOMAIN, rather than the
desired nonce-salted referrals.
--
Viktor.
More information about the dns-operations
mailing list