[Outages-discussion] Mixed Case of.mil MX Servers?
Sanjeev Gupta
sanjeev at dcs1.biz
Tue Oct 28 00:18:20 EDT 2014
On Tue, Oct 28, 2014 at 9:47 AM, Jim Popovitch <jimpop at gmail.com> wrote:
> Here's some relevant bits of interest from USA and EU queries in which
> I see 3 different cases for the word "navy" (nAVy, naVy, nAvy) (also:
> .MIL and .miL). What's up with the case sensitivity?
>
I am seeing this as well, from Singapore and HK.
navy.mil. 57382 IN MX 10 pri-jeemsg.eemsg.mail.miL
.
navy.mil. 85424 IN MX 20 sec-jeemsg.eemsg.mail.miL
.
navy.mil. 85424 IN MX 30 mx15.nmci.naVy.miL.
navy.mil. 85424 IN MX 30 mx14.nmci.naVy.miL.
navy.mil. 85424 IN MX 30 mx13.nmci.naVy.miL.
;; Received 167 bytes from 199.252.162.234#53(199.252.162.234) in 234 ms
<Tin Foil Type=Hat State=On>
There was a paper (which I cannot locate now), a couple of years ago, which
covered this issue. The idea was to use the fact that although RFC 4343
discusses case-folding, most DNS clients will preserve case. It is
therefore possible to use DNS queries to trace the chain that you took to
resolve a record, and even to track individual visitors to your web site by
looking at your DNS logs. For it to work well, you need really long DNS
names.
</Tin Foil>
So the MIL case may just be something else, or they are testing to see
which of the MIL DNS servers are used by people looking for NAVY.MIL
records. Or to see if people are respecting TTL (change captialisation
every 4 hours, see if people are caching records?).
I have DNS servers for 20 years now, and am coming round to the view that
DNS clients and servers should NOT do case-folding. With non-ASCII names
common, it is harder to decide if two characters are the same-in-effect.
--
Sanjeev Gupta
+65 98551208 http://sg.linkedin.com/in/ghane
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages-discussion/attachments/20141028/b7dddcbd/attachment.html>
More information about the Outages-discussion
mailing list