Here is a short review of draft-ietf-dnsop-cookies-04.txt. Note I was heavily involved in the "SIT" experiment (SIT was a scaled-down version of the DNS cookie idea provided by bind9 version 9.9), so you should not be surprised that I like the DNS cookie.
I have two comments about the current text which applied to SIT and still apply to the "full" DNS cookie.

First, the critical security property provided by SIT/DNS cookie is "return routability". This explains why it is not efficient against on-path attackers, and very efficient against DDoS/amplification attacks using fake source addresses. BTW, as the current defense against DDoS/amplification, response-rate limiting, is in fact the choice between dropping the packet on the floor or returning a truncated response to force TCP fallback, it is very fine to have another solution!

The second comment is about the algorithm used by the server to compute the (state) cookie. It is left undefined, and in fact you can use what you want if it provides the required properties (typically the secret is not easy to guess) and all equivalent servers (e.g., anycasted or load-balanced) use the same parameters (i.e., same algo and secret). Nevertheless, while HMAC-SHAxxx is a good algorithm, there are significantly faster alternatives, for instance based on AES (thanks to Russ Housley for the idea).

Regards

francis.dup...@fdupont.fr

PS: Acknowledgements -> Acknowledgments in US English. There is "coookie" too.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
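To make the two points in the review concrete, here is an added example (written for this page; it is not code from the draft, from BIND, or from the reviewer). It models a server that computes its server cookie as a keyed function of the client cookie and the client's source address, once with HMAC-SHA256 and once with an AES-based construction (a fixed-length CBC-MAC over two blocks), and then verifies a presented cookie against the address the query actually arrived from. The secret, the addresses, the client cookie value and both constructions are assumptions chosen for illustration; the draft, as the review says, leaves the algorithm undefined.

```go
package main

import (
	"crypto/aes"
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
	"net"
)

// Shared secret, assumed to be 16 bytes (an AES-128 key) and constructed for
// this example. Every equivalent server (anycast instance, load-balancer
// backend) must hold the same secret and use the same algorithm, otherwise a
// cookie issued by one instance is rejected by the next one the client hits.
var ServerSecret = []byte("0123456789abcdef")

// ipBytes normalises an address to its 16-byte form so IPv4 and IPv6
// clients are handled uniformly (IPv4 becomes the mapped ::ffff:a.b.c.d).
func ipBytes(ip net.IP) []byte {
	return ip.To16()
}

// CookieHMAC: server cookie = first 64 bits of
// HMAC-SHA256(secret, clientCookie || clientIP). Assumed construction.
func CookieHMAC(secret, clientCookie []byte, clientIP net.IP) []byte {
	mac := hmac.New(sha256.New, secret)
	mac.Write(clientCookie)
	mac.Write(ipBytes(clientIP))
	return mac.Sum(nil)[:8]
}

// CookieAES: the same keyed function built from AES instead of a hash.
// The input (8-byte client cookie || 16-byte address) is zero-padded to
// 32 bytes and run through CBC-MAC; CBC-MAC is a sound PRF for fixed-length
// input, which is the case here. Cost: two AES block operations per query.
// Illustrative construction, not one taken from the draft.
func CookieAES(secret, clientCookie []byte, clientIP net.IP) ([]byte, error) {
	ip := ipBytes(clientIP)
	if len(clientCookie) != 8 || ip == nil {
		return nil, errors.New("need an 8-byte client cookie and a valid address")
	}
	block, err := aes.NewCipher(secret)
	if err != nil {
		return nil, err
	}
	in := make([]byte, 2*aes.BlockSize)
	copy(in[:8], clientCookie)
	copy(in[8:24], ip)
	state := make([]byte, aes.BlockSize)
	for off := 0; off < len(in); off += aes.BlockSize {
		for i := range state {
			state[i] ^= in[off+i]
		}
		block.Encrypt(state, state)
	}
	return state[:8], nil
}

// VerifyCookie recomputes the server cookie from the source address the
// query actually arrived from and compares in constant time. A spoofer
// never received the reply carrying the cookie we sent to that address, so
// a valid server cookie proves return routability; an on-path attacker,
// who does see the reply, is not stopped by this check.
func VerifyCookie(secret, clientCookie, presented []byte, srcIP net.IP) bool {
	if len(clientCookie) != 8 || len(presented) != 8 {
		return false
	}
	return hmac.Equal(CookieHMAC(secret, clientCookie, srcIP), presented)
}

func main() {
	client := []byte("\x01\x02\x03\x04\x05\x06\x07\x08") // constructed client cookie
	legit := net.ParseIP("192.0.2.10")
	spoofer := net.ParseIP("203.0.113.7")

	sc := CookieHMAC(ServerSecret, client, legit)
	fmt.Printf("server cookie for %s: %x\n", legit, sc)
	fmt.Println("verify from real source:   ", VerifyCookie(ServerSecret, client, sc, legit))
	fmt.Println("verify from spoofed source:", VerifyCookie(ServerSecret, client, sc, spoofer))

	a, _ := CookieAES(ServerSecret, client, legit)
	fmt.Printf("AES-based cookie: %x\n", a)
}
```

Running main shows the property the review calls out: the cookie minted for 192.0.2.10 verifies from that address and fails when the same bytes are presented from 203.0.113.7, while any instance loaded with the same secret recomputes the identical value, which is what makes the scheme work behind anycast. Neither construction stops an observer on the path, who sees the cookie in the reply; return routability is all the mechanism provides.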