On 10/24/14 8:36 AM, Frederico A C Neves wrote:
On Fri, Oct 24, 2014 at 08:18:54AM -0400, Phillip Hallam-Baker wrote:
On Fri, Oct 24, 2014 at 1:57 AM, Watson Ladd <[email protected]> wrote:
...
The DoS and amplification attacks are the reasons why I believe that
whatever mechanism we choose needs to authenticate requests and only
respond if the request is 'sufficiently' authentic.
We do have a "sufficiently" solution for this proposed now for more
than 8 years and counting.
http://tools.ietf.org/html/draft-eastlake-dnsext-cookies-00
Actually the most updated version is this:
https://datatracker.ietf.org/doc/draft-eastlake-dnsext-cookies/
version 5, and we've issues that Call for Adoption. Also, Mark Andrews
and Donald have made some changes to the design and have some data to
discuss in HI.
tim
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
