zlacker

[parent] [thread] 7 comments
1. codexo+(OP)[view] [source] 2019-05-04 19:49:30
Why not just send the subnet of the machine at cloudflare doing the querying?
replies(1): >>akerl_+M
2. akerl_+M[view] [source] 2019-05-04 19:54:49
>>codexo+(OP)
The full IP of the Cloudflare resolver doing the recursive resolution is already provided to the authoritative server, as the source IP for the DNS query traffic.
replies(1): >>shawnz+x1
◧◩
3. shawnz+x1[view] [source] [discussion] 2019-05-04 20:01:25
>>akerl_+M
I think the parent is saying, why not spoof the EDNS client subnet information?
replies(1): >>akerl_+p6
◧◩◪
4. akerl_+p6[view] [source] [discussion] 2019-05-04 20:39:47
>>shawnz+x1
True. Copying the information would be possible, but given they’re working on other efforts to replace the functionality of EDNS ECS in a standard way, it seems like a hacky bandaid.
replies(2): >>maniga+ld >>zamada+qd
◧◩◪◨
5. maniga+ld[view] [source] [discussion] 2019-05-04 22:03:07
>>akerl_+p6
EDNS is a working system today, doesn't seem that hacky to use it until a new system is actually ready (which doesn't seem to be anytime soon anyway).
replies(1): >>slenk+Bk
◧◩◪◨
6. zamada+qd[view] [source] [discussion] 2019-05-04 22:04:52
>>akerl_+p6
Is there anywhere I can learn about these ongoing efforts to replace EDNS?
◧◩◪◨⬒
7. slenk+Bk[view] [source] [discussion] 2019-05-04 23:42:07
>>maniga+ld
It works if you don't care about privacy
replies(1): >>maniga+mt
◧◩◪◨⬒⬓
8. maniga+mt[view] [source] [discussion] 2019-05-05 02:07:13
>>slenk+Bk
The suggestion was to use the EDNS of the datacenter server, how does that ruin privacy?
[go to top]