zlacker

[parent] [thread] 2 comments
1. icebra+(OP)[view] [source] 2019-05-05 00:57:53
I don't see what they can do, short of sending fake DNS replies with their own webserver IPs, which is worse for the integrity of DNS.
replies(1): >>SimeVi+uH
2. SimeVi+uH[view] [source] 2019-05-05 14:58:51
>>icebra+(OP)
Shouldn’t there be some kind of standard DNS response for this? There are dozens of different HTTP status codes for all kinds of scenarios. Doesn’t DNS have something like that? I know almost nothing about DNS, I’m just curious.
replies(1): >>icebra+jJ
◧◩
3. icebra+jJ[view] [source] [discussion] 2019-05-05 15:21:44
>>SimeVi+uH
The thing is, the server sends a real response, it's just not the same response as it sends to other recursive resolvers.

Imagine it's HTTP, and the site sent a 404 to your proxy, but you knew it generally sent a 200 to other proxies, what should you do? Send the 404, or override it with your own status code? Cloudflare is saying they are not OK with overriding codes.

[go to top]