Thicket data repository for the EEG
anil.recoil.org
1{
2 "id": "https://ryan.freumh.org/dns-loc-rr.html",
3 "title": "DNS LOC",
4 "link": "https://ryan.freumh.org/dns-loc-rr.html",
5 "updated": "2022-05-21T00:00:00",
6 "published": "2022-01-18T00:00:00",
7 "summary": "<div>\n \n <span>Published 18 Jan 2022.</span>\n \n \n <span>Last update 21 May 2022.</span>\n \n </div>\n \n \n\n <p><span>The Domain Name System (DNS) has a little known\n‘LOC’ resouce record (RR) defined in 1996 for encoding location\ninformation purportedly for hosts, networks, and subnets[0].</span></p>\n<p><span>It encodes:</span></p>\n<ul>\n<li>Latitude</li>\n<li>Longitude</li>\n<li>Altitude</li>\n<li>Size of the referenced sphere</li>\n<li>Horizontal and vertical precision</li>\n</ul>\n<p><span>A number of suggested uses are proposed in the\nRFC:</span></p>\n<ul>\n<li>USENET - a distributed discussion system now ecplised by the World\nWide Web - geographic flow maps.</li>\n<li>A ‘visual traceroute’ application showing geographical flow of IP\npacket, presumably relying on router responding to both IP TTL timeouts\nand DNS LOC requests.</li>\n<li>Network management based using LOC RRs to map hosts and\nrouters.</li>\n</ul>\n<p><span>RFC-1876 also describes algorithms for resolving\nlocations for domain names or IP addresses with decreasing accuracy. It\nstill refers to classful addressing, despite being published 3 years\nafter CIDR[1], probably because the algorithm it was adapted from was\npublished in 1989.</span></p>\n<p><span>An aside: <code>find.me.uk</code> can be used to\nget the location of any UK postcode,\ne.g. <code>$ dig loc cb30fd.find.me.uk</code>.</span></p>\n<p><span>There are a few notable issues with the DNS LOC\nRR.</span></p>\n<ul>\n<li>There’s no verification of LOC’s. See\n<code>$ dig loc freumh.org</code>.</li>\n<li>The privacy and security implications.</li>\n</ul>\n<blockquote>\n<p><span>High-precision LOC RR information could be used to\nplan a penetration of physical security, leading to potential\ndenial-of-machine attacks. To avoid any appearance of suggesting this\nmethod to potential attackers, we declined the opportunity to name this\nRR “ICBM”[0].</span></p>\n</blockquote>\n<ul>\n<li>They have extremely limitted real-world usage for practical\npurposes. trying to implement a visual traceroute would just not be\npossible, as no routers or networks have LOC records.</li>\n</ul>\n<blockquote>\n<p><span>CloudFlare handles millions of DNS records; of\nthose just 743 are LOCs[2].</span></p>\n</blockquote>\n<p><span>[0] - <a href=\"https://datatracker.ietf.org/doc/html/rfc1876\">RFC-1876 A Means\nfor Expressing Location Information in the Domain Name System</a><br>\n[1] - <a href=\"https://datatracker.ietf.org/doc/html/rfc1518\">RFC-1518-An\nArchitecture for IP Address Allocation with CIDR</a><br>\n[2] - <a href=\"https://blog.cloudflare.com/the-weird-and-wonderful-world-of-dns-loc-records/\">The\nweird and wonderful world of DNS LOC records</a><br>\n</span></p>",
8 "content": "<div>\n \n <span>Published 18 Jan 2022.</span>\n \n \n <span>Last update 21 May 2022.</span>\n \n </div>\n \n \n\n <p><span>The Domain Name System (DNS) has a little known\n‘LOC’ resouce record (RR) defined in 1996 for encoding location\ninformation purportedly for hosts, networks, and subnets[0].</span></p>\n<p><span>It encodes:</span></p>\n<ul>\n<li>Latitude</li>\n<li>Longitude</li>\n<li>Altitude</li>\n<li>Size of the referenced sphere</li>\n<li>Horizontal and vertical precision</li>\n</ul>\n<p><span>A number of suggested uses are proposed in the\nRFC:</span></p>\n<ul>\n<li>USENET - a distributed discussion system now ecplised by the World\nWide Web - geographic flow maps.</li>\n<li>A ‘visual traceroute’ application showing geographical flow of IP\npacket, presumably relying on router responding to both IP TTL timeouts\nand DNS LOC requests.</li>\n<li>Network management based using LOC RRs to map hosts and\nrouters.</li>\n</ul>\n<p><span>RFC-1876 also describes algorithms for resolving\nlocations for domain names or IP addresses with decreasing accuracy. It\nstill refers to classful addressing, despite being published 3 years\nafter CIDR[1], probably because the algorithm it was adapted from was\npublished in 1989.</span></p>\n<p><span>An aside: <code>find.me.uk</code> can be used to\nget the location of any UK postcode,\ne.g. <code>$ dig loc cb30fd.find.me.uk</code>.</span></p>\n<p><span>There are a few notable issues with the DNS LOC\nRR.</span></p>\n<ul>\n<li>There’s no verification of LOC’s. See\n<code>$ dig loc freumh.org</code>.</li>\n<li>The privacy and security implications.</li>\n</ul>\n<blockquote>\n<p><span>High-precision LOC RR information could be used to\nplan a penetration of physical security, leading to potential\ndenial-of-machine attacks. To avoid any appearance of suggesting this\nmethod to potential attackers, we declined the opportunity to name this\nRR “ICBM”[0].</span></p>\n</blockquote>\n<ul>\n<li>They have extremely limitted real-world usage for practical\npurposes. trying to implement a visual traceroute would just not be\npossible, as no routers or networks have LOC records.</li>\n</ul>\n<blockquote>\n<p><span>CloudFlare handles millions of DNS records; of\nthose just 743 are LOCs[2].</span></p>\n</blockquote>\n<p><span>[0] - <a href=\"https://datatracker.ietf.org/doc/html/rfc1876\">RFC-1876 A Means\nfor Expressing Location Information in the Domain Name System</a><br>\n[1] - <a href=\"https://datatracker.ietf.org/doc/html/rfc1518\">RFC-1518-An\nArchitecture for IP Address Allocation with CIDR</a><br>\n[2] - <a href=\"https://blog.cloudflare.com/the-weird-and-wonderful-world-of-dns-loc-records/\">The\nweird and wonderful world of DNS LOC records</a><br>\n</span></p>",
9 "content_type": "html",
10 "categories": [],
11 "source": "https://ryan.freumh.org/atom.xml"
12}