Y
Hacker News
new
|
ask
|
show
|
jobs
by
progval
1568 days ago
> nothing about DNSSEC prevents a DNS server (or middlebox) from denying results to a disfavored domain
But at least it is detectable thanks to NSEC and NSEC3 records.
2 comments
cyounkins
1568 days ago
Kind of. An intermediary can drop packets and the client will never get the response.
link
tptacek
1568 days ago
It's detectable when the site that the DNS provider is censoring falls off the Internet!
link