diff options
| -rw-r--r-- | ChangeLog | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -12,6 +12,13 @@ Changes in version 0.2.1.7-alpha - 2008-11-xx Suggested by Lucky Green. - Preserve case in replies to DNSPort requests in order to support the 0x20 hack for resisting DNS poisoning attacks. + - Implement the 0x20 hack to better resist DNS poisoning: set the + case on outgoing DNS requests randomly, and reject responses + that do not match the case correctly. This logic can be + disabled with the ServerDNSRamdomizeCase setting, if you are + using one of the 0.3% of servers that do not reliably preserve + case in replies. See "Increased DNS Forgery Resistance through + 0x20-Bit Encoding" for more info. o Hidden service performance improvements: - When the client launches an introduction circuit, retry with a |