Habbie closed 6 years ago
Agreed, and I have a preference for 'strip' too since it would be consistent with what we do for ECS at the moment.
This request came from DW - https://mailarchive.ietf.org/arch/msg/dnsop/ie3DhrIUCEEZwGaWtJ4pLjs96dw/
After discussion with @raybellis and @rgacogne: suggest a MUST on REFUSED, even from implementations that do not otherwise support XPF, so that leaks are caught swiftly, as Duane suggested.
I'm kind of OK with this, except that this then might become an oracle that discloses an XPF-aware server (FSVO "aware") from one that has no XPF capabilities at all.
I don't know how much that matters, though.
You can never rule out all fingerprinting possibilities. I think this is the right balance.
resolved by 3171ae39
3.1 says proxies strip XPF (unless), 3.2 says servers say REFUSED on XPF (unless). This behaviour should be identical for both (whichever choice we make) because a difference exposes details of the internals of a setup. I'm leaning towards 'strip' for both, but I'm fine with REFUSED for both too.
Thanks @mind04