Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
progval
4y ago
0 comments
Save
Share
> nothing about DNSSEC prevents a DNS server (or middlebox) from denying results to a disfavored domain
But at least it is detectable thanks to NSEC and NSEC3 records.
0 comments
2 comments · 2 top-level
top
newest
oldest
cyounkins
4y ago
Kind of. An intermediary can drop packets and the client will never get the response.
tptacek
4y ago
It's detectable when the site that the DNS provider is censoring falls off the Internet!
j
/
k
navigate · click thread line to collapse
