Re: [tor-talk] Tor resolver DNSSEC RRs
On Tue, Nov 29, 2011 at 6:06 AM, t...@lists.grepular.com wrote: If the SSHFP RR type is added too, people who use OpenSSH with the VerifyHostKeyDNS option can benefit from public key verification when SSH'ing into a box for the first time, over Tor. (It's important to note that OpenSSH trusts the AD bit in the DNS reply. So, using it with Tor's DNS resolver assumes that Tor acts as a full, validating, DNSSEC resolver. It would likely be more expeditious to figure out a way have Unbound forward over Tor.) Cheers AGL -- Adam Langley a...@imperialviolet.org http://www.imperialviolet.org ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] ServerDNSRandomizeCase and GoDaddy
On Mon, Jun 13, 2011 at 4:53 PM, Anders Sundman and...@4zm.org wrote: $ dig WiMp.com @ns03.domaincontrol.com. Thanks. I've passed this on to GoDaddy. Cheers AGL -- Adam Langley a...@imperialviolet.org http://www.imperialviolet.org ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] ServerDNSRandomizeCase and GoDaddy
On Mon, Jun 13, 2011 at 10:24 AM, Anders Sundman and...@4zm.org wrote: A couple of days back GoDaddy did something to mess up the neat 0x20 hack. Now all answers are lowercase: $ dig GoDady.com @ns46.domaincontrol.com. ;; AUTHORITY SECTION: godady.com. 3600 IN NS NS45.DOMAINCONTROL.com. godady.com. 3600 IN NS NS46.DOMAINCONTROL.com. You would kind of hope that a CamelCase named company would get this right :) That's a problem. Are *.domaincontrol.com GoDaddy's DNS servers? Can you give an example of a less phishy looking domain? If I can get a good example then I may be able to get this fixed. Cheers AGL -- Adam Langley a...@imperialviolet.org http://www.imperialviolet.org ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk