Yeah, good point about side channels. Let's stick to recommending randomization!
Shumon.

On Fri, Jun 15, 2018 at 8:01 PM Colm MacCárthaigh <[email protected]> wrote:

> I think so too; and I wouldn't be so strict on backwards compatibility
> there.
>
> That behavior is a side-channel that defeats DNS privacy in some cases.
> E.g. I can query a record, watch you send an encrypted query, then query
> the record again, and tell what you queried. Within some probability at
> least.
>
> For that reason, it'd be worth experimenting with an implementation that
> does shuffle the results each time.
>
> On Fri, Jun 15, 2018 at 4:54 PM, Shumon Huque <[email protected]> wrote:
>
>> On Fri, Jun 15, 2018 at 5:55 PM Colm MacCárthaigh <[email protected]>
>> wrote:
>>
>>> Just a question on this: was the old/classic behavior really
>>> random/shuffled? Or was it that bind would "rotate" through iterations
>>> where the order was the same each time if you think of the rrset list as a
>>> ring, but with a different start and end point within that ring? (That's
>>> what's described here:
>>> https://docstore..mik.ua/orelly/networking_2ndEd/dns/ch10_07.htm
>>> <https://docstore.mik.ua/orelly/networking_2ndEd/dns/ch10_07.htm>)
>>
>> ISC veterans can confirm, but my recollection is that the earliest
>> implementations were indeed as described above - the response RRset was
>> cycled/rotated, rather than randomized.
>>
>> Shumon.
>
> --
> Colm
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
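The two behaviours discussed in this thread, as an added simulation that is not part of the list discussion or of any resolver's code: a "rotate" cache keeps a per-name counter and cycles the ring from an advancing start point, while a "shuffle" cache draws a fresh random order per answer. The helper measures what an observer who queries a name before and after a victim can learn from the start offset; the RRset addresses and the name are constructed sample values.

```python
import random
from collections import defaultdict

# Constructed sample RRset using documentation-range addresses.
RRSET = ["192.0.2.1", "192.0.2.2", "192.0.2.3", "192.0.2.4"]


class RotatingCache:
    """Classic 'rotate': same cyclic order, start point advances once per query."""

    def __init__(self, rrset):
        self.rrset = list(rrset)
        self.counter = defaultdict(int)  # per-name counter: shared, observable state

    def answer(self, name):
        start = self.counter[name] % len(self.rrset)
        self.counter[name] += 1
        return self.rrset[start:] + self.rrset[:start]


class ShufflingCache:
    """Randomized order: each answer is an independent shuffle, no shared state."""

    def __init__(self, rrset, seed=None):
        self.rrset = list(rrset)
        # seed is only for reproducible tests; a real resolver would use SystemRandom.
        self.rng = random.Random(seed) if seed is not None else random.SystemRandom()

    def answer(self, name):
        out = list(self.rrset)
        self.rng.shuffle(out)
        return out


def offset_of(answer, rrset):
    """Position in the canonical ring at which this answer starts."""
    return rrset.index(answer[0])


def observed_counter_delta(cache, name, victim_queries, rrset):
    """Observer queries once, the victim queries `victim_queries` times, observer
    queries again. Returns how many intermediate queries the start offsets imply
    (mod ring size). For RotatingCache this equals victim_queries mod len(rrset),
    i.e. the cache leaks whether the victim queried; for ShufflingCache it is noise."""
    n = len(rrset)
    before = offset_of(cache.answer(name), rrset)
    for _ in range(victim_queries):
        cache.answer(name)
    after = offset_of(cache.answer(name), rrset)
    return (after - before - 1) % n
```

With four records the rotating cache only reveals the query count modulo four, which is the "within some probability" caveat from the thread; the shuffling cache reveals nothing because consecutive answers share no state.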
