[tor-relays] dns request capitalization, tor and unbound
Zack Weinberg
zackw at cmu.edu
Sun Jul 3 13:51:43 UTC 2016
On Sun, Jul 3, 2016 at 9:25 AM, ajs124 <tor at ajs124.de> wrote:
>
> Afterwards, I noticed that most if not all the DNS request are randomly capitalized.
> Does this impact unbound's caching ability? My cache hit/miss ratio is around 1/5.
This is "0x20 encoding", see
https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
https://isc.sans.edu/diary/Use+of+Mixed+Case+DNS+Queries/12418 and
https://dyn.com/blog/use-of-bit-0x20-in-dns-labels/ . It makes it
harder for a MITM to spoof DNS responses.
It shouldn't affect unbound's ability to cache anything. However, I
personally think it is inappropriate to run a DNS cache on an exit
node, because that preserves a record on the exit node of what people
are using it for.
zw
More information about the tor-relays
mailing list