Maintained by: NLnet Labs

2012 OARC Name Server Selection of DNS Caching Resolvers

Fri Sep 25 17:13:39 CEST 2015

Hi Richard,

AFAIK there were no big changes in Unbound's NS selection algorithm for

In Aug 2013 researchers pointed out the flaw in _BIND9's_ nameserver
selection algorithm that attackers could subvert randomization of NS
selection [1].
ISC stated that it is not considered a security vulnerability but they also
stated that
the algorithm will be improved [2]. I don't know further status of BIND9's

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>