Viktor Dukhovni <[email protected]> wrote:
>
> The longer suffix could for now rule out misuse of TXT records since
> each <character-string> chunk of a TXT record is at most 255 bytes.

I've updated my article to account for this. An attacker can add a fixed trailer of 255 zero bytes after the collision blocks to deal with substring lengths. The first part of the trailer uses up any remaining space in the last substring of the collision blocks, and the rest of the trailer is interpreted as zero-length substrings up to the end of the TXT record. Length bytes inside the collision blocks can be any old mush.

https://www.dns.cam.ac.uk/news/2020-01-09-sha-mbles.html

Tony.
-- 
f.anthony.n.finch <[email protected]> http://dotat.at/
Gibraltar Point to North Foreland: Northwesterly 4 or 5, backing southerly or
southwesterly 5 to 7, perhaps gale 8 later. Slight or moderate, smooth in
Thames estuary. Mainly fair. Good.
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
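
The trailer argument in the message above can be checked with a small TXT RDATA parser. This is an added example, not part of the original message or the linked article; the random prefixes are constructed stand-ins for collision blocks, and the function names are hypothetical.

```python
import random

def parse_txt_rdata(rdata: bytes) -> list:
    """Split TXT RDATA into <character-string> chunks (RFC 1035, 3.3.14).

    Each chunk is one length byte followed by that many data bytes.
    Raises ValueError if a chunk runs past the end of the RDATA.
    """
    chunks, i = [], 0
    while i < len(rdata):
        end = i + 1 + rdata[i]          # rdata[i] is the length byte, 0..255
        if end > len(rdata):
            raise ValueError(f"chunk at offset {i} overruns RDATA")
        chunks.append(rdata[i + 1:end])
        i = end
    return chunks

def is_well_formed(rdata: bytes) -> bool:
    try:
        parse_txt_rdata(rdata)
        return True
    except ValueError:
        return False

def count_well_formed(trailer_len: int, trials: int = 2000, seed: int = 1) -> int:
    """Count constructed random prefixes that parse once a zero trailer is appended."""
    rng = random.Random(seed)
    trailer = bytes(trailer_len)        # trailer_len zero bytes
    ok = 0
    for _ in range(trials):
        n = rng.randrange(0, 640)
        prefix = bytes(rng.getrandbits(8) for _ in range(n))  # "any old mush"
        ok += is_well_formed(prefix + trailer)
    return ok

# Why 255 is enough: a length byte at offset i inside a prefix of P bytes ends
# its chunk at i + 1 + L <= (P - 1) + 1 + 255 = P + 255, the end of the record.
# Every length byte read after that point is a zero from the trailer, so the
# parser steps one byte at a time and stops exactly at the end.

if __name__ == "__main__":
    print("no trailer:      ", count_well_formed(0), "of 2000 parse")
    print("255-byte trailer:", count_well_formed(255), "of 2000 parse")
    print("worst case 0xff + 254 zeros parses:", is_well_formed(b"\xff" + bytes(254)))
```

A validator that only checks that TXT RDATA splits cleanly into character-strings will therefore accept any such record, so well-formedness alone says nothing about the bytes in front of the trailer.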
