Re: [DNSOP] [dns-privacy] draft-mayrhofer-edns0-padding

2015-07-23 Thread Mark Andrews
This can be dropped. EDNS aware clients are required to ignore unknown EDNS options. A server MUST use the 'Padding' option in a DNS response (QR=1) only when that response correlates to a query that contained the 'Padding' option. For QUERY I would be padding the request out to 400 o

Re: [DNSOP] [dns-privacy] draft-mayrhofer-edns0-padding

2015-07-23 Thread Daniel Kahn Gillmor
On Thu 2015-07-23 18:50:14 +0200, Alexander Mayrhofer wrote: > I had a discussion with Daniel Kahn Gillmor today, and we talked about > his proposal to specify a padding option in TLS so that message-size > based correlation attacks on encrypted DNS packets could be > prevented. We continued discu

Re: [DNSOP] DNS privacy draft

2013-12-10 Thread Wiley, Glen
On 12/3/13 5:20 PM, "Stephane Bortzmeyer" wrote: >On Mon, Dec 02, 2013 at 01:13:26PM -0500, > Warren Kumari wrote > a message of 35 lines which said: > >> > OK. And do note "chaff" may be a by-product of >> > draft-wkumari-dnsop-hammer. >> >> Um, please explain. >> >> Hammer (and the various

Re: [DNSOP] DNS privacy draft

2013-12-03 Thread Warren Kumari
On Dec 3, 2013, at 5:20 PM, Stephane Bortzmeyer wrote: > On Mon, Dec 02, 2013 at 01:13:26PM -0500, > Warren Kumari wrote > a message of 35 lines which said: > >>> OK. And do note "chaff" may be a by-product of >>> draft-wkumari-dnsop-hammer. >> >> Um, please explain. >> >> Hammer (and the v

Re: [DNSOP] DNS privacy draft

2013-12-03 Thread Stephane Bortzmeyer
On Mon, Dec 02, 2013 at 01:13:26PM -0500, Warren Kumari wrote a message of 35 lines which said: > > OK. And do note "chaff" may be a by-product of > > draft-wkumari-dnsop-hammer. > > Um, please explain. > > Hammer (and the various similar, actually implemented things) simply > trigger lookup

Re: [DNSOP] DNS privacy draft

2013-12-02 Thread Warren Kumari
On Dec 2, 2013, at 2:57 AM, Stephane Bortzmeyer wrote: > On Sun, Dec 01, 2013 at 11:31:26PM +, > Niall O'Reilly wrote > a message of 11 lines which said: > >>> padding (sending random queries from time to time) >> >> a better word might be "chaff" > > OK. And do note "chaff" may be a b

Re: [DNSOP] DNS privacy draft

2013-12-02 Thread Stephane Bortzmeyer
On Sun, Dec 01, 2013 at 11:31:26PM +, Niall O'Reilly wrote a message of 11 lines which said: > > padding (sending random queries from time to time) > > a better word might be "chaff" OK. And do note "chaff" may be a by-product of draft-wkumari-dnsop-hammer.

Re: [DNSOP] DNS privacy draft

2013-12-01 Thread joel jaeggli
On 12/1/13, 1:06 PM, Paul Hoffman wrote: > On Dec 1, 2013, at 12:09 PM, Stephane Bortzmeyer > wrote: > >> On Wed, Nov 27, 2013 at 09:42:16AM -0800, Paul Hoffman >> wrote a message of 52 lines which said: >> >>> Ummm, yes, but your message (and the Introduction) made it sound >>> like the empha

Re: [DNSOP] DNS privacy draft

2013-12-01 Thread Niall O'Reilly
> On 1 Dec 2013, at 21:44, Paul Hoffman wrote: > > padding (sending random queries from time to time) a better word might be "chaff"

Re: [DNSOP] DNS privacy draft

2013-12-01 Thread Paul Hoffman
On Dec 1, 2013, at 1:20 PM, Ted Lemon wrote: > On Dec 1, 2013, at 4:06 PM, Paul Hoffman wrote: >> Here's a start: "Padding the DNS query stream will have a negative effect on >> the DNS systems as a whole, but will only thwart passive surveillance for >> those attackers who cannot store and pr

Re: [DNSOP] DNS privacy draft

2013-12-01 Thread Ted Lemon
On Dec 1, 2013, at 4:06 PM, Paul Hoffman wrote: > Here's a start: "Padding the DNS query stream will have a negative effect on > the DNS systems as a whole, but will only thwart passive surveillance for > those attackers who cannot store and process the larger stream. There is no > current evid

Re: [DNSOP] DNS privacy draft

2013-12-01 Thread Paul Hoffman
On Dec 1, 2013, at 12:09 PM, Stephane Bortzmeyer wrote: > On Wed, Nov 27, 2013 at 09:42:16AM -0800, > Paul Hoffman wrote > a message of 52 lines which said: > >> Ummm, yes, but your message (and the Introduction) made it sound >> like the emphasis of the draft is on listing the privacy >> impl

Re: [DNSOP] DNS privacy draft

2013-12-01 Thread Stephane Bortzmeyer
On Wed, Nov 27, 2013 at 09:42:16AM -0800, Paul Hoffman wrote a message of 52 lines which said: > Ummm, yes, but your message (and the Introduction) made it sound > like the emphasis of the draft is on listing the privacy > implications, and not the suggested changes to deal with > them. Choose

Re: [DNSOP] DNS privacy draft

2013-11-27 Thread Paul Hoffman
On Nov 27, 2013, at 7:36 AM, Stephane Bortzmeyer wrote: > On Wed, Nov 27, 2013 at 07:29:05AM -0800, > Paul Hoffman wrote > a message of 29 lines which said: > >> The only possible outcome of people agreeing that there should be >> more privacy for DNS queries and responses will be protocol cha

Re: [DNSOP] DNS privacy draft

2013-11-27 Thread Stephane Bortzmeyer
On Wed, Nov 27, 2013 at 07:29:05AM -0800, Paul Hoffman wrote a message of 29 lines which said: > The only possible outcome of people agreeing that there should be > more privacy for DNS queries and responses will be protocol changes. I disagree. If you read the version -00, you will see that

Re: [DNSOP] DNS privacy draft

2013-11-27 Thread Paul Hoffman
On Nov 27, 2013, at 3:40 AM, Stephane Bortzmeyer wrote: > After discussion with the relevant ADs, it seems this Internet-Draft > is more for this working group. Could those relevant ADs maybe say why? If it is because "it's the last WG standing that has 'DNS' in its title", that seems particula

[DNSOP] DNS privacy draft

2013-11-27 Thread Stephane Bortzmeyer
After discussion with the relevant ADs, it seems this Internet-Draft is more for this working group. So reading and advice are welcome. I see several possible outcomes but I let you talk first :-) --- Begin Message --- A New Internet-Draft is available from the on-line Internet-Drafts directorie