[dns-operations] Google Public DNS plans to enable case randomization for cache poisoning protection

Tianhao Chi chitianhao at google.com
Fri Aug 12 18:02:25 UTC 2022


@Winfried,

We do retry over TCP if there's a case mismatch. However, we've found out
that many of the case-ignoring nameservers don't support TCP, resulting in
resolution failures.


On Fri, Aug 12, 2022 at 12:59 AM <abang at t-ipnet.net> wrote:

> Hi,
>
> > Responses that fail to preserve the case of
> > the query name may be dropped as
> >potential cache poisoning attacks
>
> Why not fallback to TCP in such cases?
>
> Winfried
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20220812/7f133f0c/attachment-0001.html>


More information about the dns-operations mailing list