[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] dns request capitalization, tor and unbound



On Sun, Jul 3, 2016 at 9:25 AM, ajs124 <tor@xxxxxxxxx> wrote:
>
> Afterwards, I noticed that most if not all the DNS request are randomly capitalized.
> Does this impact unbound's caching ability? My cache hit/miss ratio is around 1/5.

This is "0x20 encoding", see
https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
https://isc.sans.edu/diary/Use+of+Mixed+Case+DNS+Queries/12418 and
https://dyn.com/blog/use-of-bit-0x20-in-dns-labels/ .  It makes it
harder for a MITM to spoof DNS responses.

It shouldn't affect unbound's ability to cache anything.  However, I
personally think it is inappropriate to run a DNS cache on an exit
node, because that preserves a record on the exit node of what people
are using it for.

zw
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays