W3C home > Mailing lists > Public > public-privacy@w3.org > April to June 2018

DNS "cookies" or privacy of DNS caching

From: Nick Doty <tést@ischool.berkeley.edu>
Date: Tue, 10 Apr 2018 15:43:27 -0700
Message-Id: <1399161D-D7BE-4241-A876-72A2097DEDE1@ischool.berkeley.edu>
To: public-privacy@w3.org
I'm curious if there has been any work to investigate the problem of identifying users through DNS cache values. This has been called "DNS cookies":

http://dnscookie.com/ <http://dnscookie.com/>

I'm not sure if shared DNS caches (8.8.8.8 or 1.1.1.1, maybe) would be an effective mitigation to increase the anonymity set.

Related, would there be any ways to detect when a site is doing this, either by the pattern of loading of a large number of subdomains in the browser, or on the other side by observing strange patterns of replying to DNS requests with different addresses?

—Nick


Received on Tuesday, 10 April 2018 22:43:56 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 10 April 2018 22:43:56 UTC