Moin!
On 21 Jan 2021, at 13:48, Yasuhiro Orange Morishita / 森下泰宏 wrote:
> I know that section 6 of RFC 5452 describes 'in-domain checking'
> for full-service resolvers, but I can't find any RFCs describing the
> same checking for DNS forwarders...
The DNS forwarders term didn’t appear in an RFC
Hi,
> fyi
> https://www.jsof-tech.com/disclosures/dnspooq/
I've read a technical whitepaper of the DNSpooq[*1] from JSOF,
and I have a question about response validation in DNS forwarders.
[*1] DNSpooq - Cache Poisoning and RCE in Popular DNS Forwarder dnsmasq
Le 21/01/2021 à 12:07, Stephane Bortzmeyer a écrit :
> On Tue, Jan 19, 2021 at 03:53:04PM +,
> Roy Arends wrote
> a message of 7 lines which said:
>
>> fyi
>>
>> https://www.jsof-tech.com/disclosures/dnspooq/
> Real vulnerabilities and good technical work but why do they feel the
> need
On Tue, Jan 19, 2021 at 03:53:04PM +,
Roy Arends wrote
a message of 7 lines which said:
> fyi
>
> https://www.jsof-tech.com/disclosures/dnspooq/
Real vulnerabilities and good technical work but why do they feel the
need to add references to the "Internet DNS Architecture" (it is not a