implement 0x20
A recent conversation on dnsop reminded me that several of the open source servers have implemented the 0x20 draft, and now Google Public DNS has done so as well, and we still haven't.
The idea is to add entropy to outgoing queries by randomizing the case of letters in the query name. There are two parts to this:
- The resolver requires responses to have an exact bit-for-bit copy of the name that was sent, and ignores responses that don't. We'd probably need a `server` option to relax this requirement in the event that a remote server was known to be responding persistently with the QNAME downsized. (This is arguably something we might want to do just for the sake of better protocol compliance; our current practice of case-insensitive QNAME matching seems a little iffy to me.)
- When sending queries, the resolver randomly capitalizes letters in query names. We'd need a `view` option to decide whether to do this. For a first iteration I'd default to off.
Pros:
- cheap way to increase entropy, so why not
- ticks off a feature-parity box with Unbound, Knot Resolver, Google Public DNS, probably others
Cons:
- doesn't add much entropy for short QNAMEs, which are more frequent now with QNAME minimization, and kinda important
- some increase in complexity
- may break resolution with some servers that work now
- we already have DNS COOKIE and should prioritize that
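
The two parts described above, plus the short-QNAME limitation, as an added Python sketch (not code from this project or from any resolver named here). The function names and the `relax` parameter are hypothetical, and names are assumed to be ASCII presentation-format strings; the sample names are constructed.

```python
import secrets

def randomize_case(qname: str) -> str:
    """Pick upper or lower case for each ASCII letter using a CSPRNG."""
    out = []
    for ch in qname:
        if ch.isascii() and ch.isalpha():
            ch = ch.upper() if secrets.randbits(1) else ch.lower()
        out.append(ch)
    return "".join(out)

def entropy_bits(qname: str) -> int:
    """Each ASCII letter contributes one bit; digits, hyphens and dots none."""
    return sum(1 for ch in qname if ch.isascii() and ch.isalpha())

def accept_response(sent: str, echoed: str, relax: bool = False) -> bool:
    """Strict mode requires an exact copy of the QNAME that was sent.

    relax=True models the per-server escape hatch (hypothetical name):
    fall back to case-insensitive matching for a server known to
    rewrite the case of the QNAME it echoes.
    """
    if sent == echoed:
        return True
    return relax and sent.lower() == echoed.lower()

if __name__ == "__main__":
    # Constructed names: a full name, a minimized query, a reverse-zone name.
    for name in ("www.example.com", "com", "4.3.2.1.in-addr.arpa"):
        sent = randomize_case(name)
        print(f"{sent:24} adds {entropy_bits(name):2d} bits")
    sent = randomize_case("www.example.com")
    # An exact echo passes; an echo with different case is dropped unless
    # the relaxed, case-insensitive fallback is enabled for that server.
    print(accept_response(sent, sent))                         # True
    print(accept_response(sent, sent.swapcase()))              # False
    print(accept_response(sent, sent.swapcase(), relax=True))  # True
```

A minimized query for `com` gets only 3 bits from this scheme, which is the first point under Cons.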