shivankaul / draft-ssahib-xot-padding Goto Github PK
View Code? Open in Web Editor NEWPadding considerations for https://tools.ietf.org/html/draft-ietf-dprive-xfr-over-tls
Home Page: https://shivankaul.com/draft-ssahib-xot-padding/
License: Other
Padding considerations for https://tools.ietf.org/html/draft-ietf-dprive-xfr-over-tls
Home Page: https://shivankaul.com/draft-ssahib-xot-padding/
License: Other
"Do they send records in a fixed or random order - would this allow anything about the zone contents to be inferred by watching different message sizes over time if they are not all padded to the same size"
not sure this actually matters since an observer can only see a stream of packets which might contain one or more DNS messages
We currently specify that XFR responses should be padded according to the Block-Length Padding strategy recommended in [RFC8467]. We should also specify that the requests should be padded so as to protect the domain name.
"How do most open source implementations split up AXFR responses? A fixed number of records per response or as many as they can fit in a TCP message length of 65535 bytes? (Note RFC5936 talks about supporting old clients that expect one record per response!)."
Will need to set up NSD and Knot Auth primaries to test this...
Does name compression practically limit the size of the real DNS payload (i.e. excluding padding) to 16kb?
I think Mark Andrews pointed out that with ‘smart’ compression the packet could still be 64kB with pointers pointing back to the preceding 16kb but not sure any implementation does this..
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.