Gregory Maxwell [ARCHIVE] on Nostr: 📅 Original date posted:2014-05-15 📝 Original message:On Thu, May 15, 2014 at ...
📅 Original date posted:2014-05-15
📝 Original message:On Thu, May 15, 2014 at 4:50 AM, Andreas Schildbach
<andreas at schildbach.de> wrote:
> I'm bringing this issue up again. The current Bitcoin DNS seed
> infrastructure is unstable. I assume this is because of we're using a
> custom DNS implementation which is not 100% compatible. There have been
> bugs in the past, like a case sensitive match for the domain name.
If software is using the DNS seeds in a way where one or two being
unavailable is problematic, then the software may be using them
poorly.
Generally DNS seeds should only be used as fast connectivity hints,
primarily for initial connectivity. Relying on them exclusively
increases isolation vulnerabilities (e.g. because the dns seed
operators or any ISP or network attacker on the path between you and
the seeds can replace the results with ones that isolate you on a
bogus network).
📝 Original message:On Thu, May 15, 2014 at 4:50 AM, Andreas Schildbach
<andreas at schildbach.de> wrote:
> I'm bringing this issue up again. The current Bitcoin DNS seed
> infrastructure is unstable. I assume this is because of we're using a
> custom DNS implementation which is not 100% compatible. There have been
> bugs in the past, like a case sensitive match for the domain name.
If software is using the DNS seeds in a way where one or two being
unavailable is problematic, then the software may be using them
poorly.
Generally DNS seeds should only be used as fast connectivity hints,
primarily for initial connectivity. Relying on them exclusively
increases isolation vulnerabilities (e.g. because the dns seed
operators or any ISP or network attacker on the path between you and
the seeds can replace the results with ones that isolate you on a
bogus network).