[dns-operations] Google Public DNS has enabled case randomization globally
Mark Andrews
marka at isc.org
Mon Jul 31 20:50:31 UTC 2023
The query name isn’t data.
Data is what is entered into zones. That instruction requires that that the answer, authority, and additional sections preserve the case of names in responses. Case preserving compression is possible (BIND has done it for years) and was expected to be implemented. There are a lot of authoritative servers that fail in this respect. If you make a camel case query and get a camel case response in those sections the server is almost certainly broken.
Data is also what is cached.
--
Mark Andrews
> On 1 Aug 2023, at 06:34, abang at t-ipnet.net wrote:
>
>
> > Those are clear protocol violation, as the names are case insensitive from the very beginning (RFC 1034 + 1035), regardless of deploying the 0x20 draft.
>
> RFC 1035 section 2.3.3 "Character Case" says, "When data enters the domain system, its original case should be preserved whenever possible". I wonder if that means to copy the qname from the query section (case sensitive) into the answer section.
>
> Winfried
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
More information about the dns-operations
mailing list