On Mon 2021-11-01 18:56:59 +0100, Vladimír Čunát wrote: > I don't think it's possible to leak more privacy by doing that. Assuming > an encrypted channel, only the overall length of the DNS message should > matter.
This is my intuition as well, though i haven't done any deep analysis on
it.
> Perhaps if the "surprising" repeat could trigger some bug, I imagine
> the effect might then be observable, but it still doesn't sound
> privacy-risky to me.
I'm also having a hard time imagining what bug would be triggered. I
imagine that most implementations just ignore all EDNS Padding options
they encounter, not only the first one, but i haven't tested it widely.
--dkg
signature.asc
Description: PGP signature
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
