In message
<ca+nkc8ab+vfvppcrqvb59eva1hkzrf0x6jnyyeodebujoyi...@mail.gmail.com>, Bob
Harold writes:
> The reason they wanted 0-padding, and to be verified by the receiver is to
> prevent that data from being used as a hidden communication channel by
> viruses. Changing that to random, or not checked, is therefore a problem.
> But then it is compressible, which is a different issue. I don't see an
> easy solution.
And checking helps how? A virus writer worth their salt will pad
w/ 0 unless they are talking to a known CC server which can be done
by looking at the server's key. If I can think of how to do this
without detection so can the virus writer.
This attitude of shutting down every possible covert channel makes
developing / extending protocols difficult. It is also impossible
to do.
Attempting to use a new opcode (15) runs into trouble like this,
as shown by testing all the servers in the root zone:
[marka@ednscomp ~]$ awk '/dns=/ {print $10}' tld-report/fullreport/full-tld.2015-11-16T00\:00\:00Z | sort | uniq -c
     37 opcode=formerr
   7291 opcode=ok
   2133 opcode=timeout
[marka@ednscomp ~]$
I haven't deduped by IP address yet.
37 sites with the wrong error code FORMERR (how can you return
FORMERR when you don't know the format?)
7291 returning NOTIMP
2133 do not respond to the unknown opcode. (A couple of these will
be unreachable servers.)
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [email protected]
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
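As an added example (not part of Mark's post or of the ednscomp tooling), the probe and classification his report implies, in Python with no third-party dependencies: a query carrying opcode 15 is built by hand, replies are sorted into the same three buckets (ok means NOTIMP, the correct answer to an unknown opcode; formerr; timeout), and the labels are tallied the way `sort | uniq -c` does. The query name, the query ID and the canned replies are constructed test data; `probe()` does real UDP I/O and is only there to show how the classifier would be fed from a live server.

```python
"""Probe a DNS server with an unassigned opcode and classify its reply.

Added example, not from the mailing-list post: it reproduces the three
buckets in the report (ok = NOTIMP, formerr, timeout) for opcode 15.
"""
import socket
import struct
from collections import Counter

# RCODE values from RFC 1035.
RCODE_NOERROR = 0
RCODE_FORMERR = 1
RCODE_NOTIMP = 4

UNASSIGNED_OPCODE = 15  # the largest 4-bit opcode value; unassigned


def encode_name(qname):
    """Wire-format a dotted name as length-prefixed labels plus the root."""
    labels = [l for l in qname.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_query(qid, opcode, qname="example.", qtype=1, qclass=1):
    """Build a minimal one-question DNS query whose header carries OPCODE."""
    flags = (opcode & 0xF) << 11          # QR=0, AA/TC/RD/RA=0, RCODE=0
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, qclass)


def parse_header(msg):
    """Return the header fields the probe cares about."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    qid, flags = struct.unpack("!HH", msg[:4])
    return {
        "id": qid,
        "qr": (flags >> 15) & 1,
        "opcode": (flags >> 11) & 0xF,
        "rcode": flags & 0xF,
    }


def classify(query, response):
    """Map a reply (or its absence) to the report's buckets.

    A conforming server answers an unknown opcode with NOTIMP; that is "ok".
    """
    if response is None:
        return "timeout"
    q, r = parse_header(query), parse_header(response)
    if r["id"] != q["id"] or not r["qr"]:
        return "bogus"                      # not a reply to our query
    if r["opcode"] != q["opcode"]:
        return "opcode-not-echoed"          # the opcode must be copied back
    if r["rcode"] == RCODE_NOTIMP:
        return "ok"
    if r["rcode"] == RCODE_FORMERR:
        return "formerr"
    return "rcode=%d" % r["rcode"]


def probe(server, query, timeout=2.0):
    """Send the query over UDP/53; None on timeout. Does network I/O."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        try:
            return s.recvfrom(4096)[0]
        except socket.timeout:
            return None


def fake_response(query, rcode):
    """Constructed reply: QR=1, opcode copied from the query, RCODE set."""
    qid, flags = struct.unpack("!HH", query[:4])
    flags = 0x8000 | (flags & 0x7800) | (rcode & 0xF)
    return struct.pack("!HH", qid, flags) + query[4:]


def summarize(labels):
    """Equivalent of `sort | uniq -c` over the classification labels."""
    return Counter(labels)


if __name__ == "__main__":
    q = build_query(0x1234, UNASSIGNED_OPCODE)
    # Constructed replies standing in for three kinds of server behaviour.
    replies = [fake_response(q, RCODE_NOTIMP), fake_response(q, RCODE_FORMERR), None]
    print(summarize(classify(q, r) for r in replies))
```

To run it against real servers, replace the constructed `replies` with `probe(addr, q)` for each address and dedupe by IP first, as the post notes the report had not yet done.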