
The .io Error: A Problem with Bad Optics, but Little Substance - mrwendel
https://mpounsett.blogspot.com/2017/07/the-io-error-problem-with-bad-optics.html
======
detaro
> _For the second query, the client will select one of the .io name servers in
> the previous response, and send it the same query._

And if the client selects one of the fake nameservers, that doesn't have to
respond with the correct answer of delegation to the _nsX.dreamhost.com._ ,
but can give whatever fake answer it wants, and has successfully executed the
attack(?) What nuance am I missing? That 3/7 of the requests will go to a non-
fake NS, and some will initially be cached, and thus the takeover isn't
complete (which from my reading the source article didn't claim)?

