Dňa 7. februára 2024 22:09:18 UTC používateľ Atro Tossavainen via mailop <[email protected]> napísal:
>Now if that was a problem and this private secret got out because of >a query that was just done through Google a few minutes ago, we'd >find out in no time at all because Spamhaus would shut this private >secret down. I also expect we wouldn't have been the first ones to >explore this "problem" if it was one. DNS traffic is not encrypted, only encoded in public format, thus any router/hop (in public net) can see yout DQS, or any other, key included in query name. And without qname minimisation, you will share it with root & TLD nameservers too (and with hops to them). While i preffer do not share anything with google, IMO it doesn't matter, as the key is not private by any way. regards -- Slavko https://www.slavino.sk/ _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
